Code Signing Key Storage Requirements Will Change on June 1, 2023

Important Announcement:

  • Effective June 1, 2023, key storage requirements for Organization Validation (OV) and Individual Validation (IV) Code Signing Certificates will change. New code signing certificates will either be issued with Federal Information Processing Standard 140-2 (FIPS) validated Yubikey USB tokens or have signing operations enabled through the eSigner Cloud Signing Service.   
  • is initiating the change based on new CA/Browser Forum requirements  by June 1, 2023.  
  • After June 1, 2023, key material for all code signing certificates will no longer be exportible and there will no longer be activation links sent as part of the issuing process.’s OV and IV Code Signing certificates help protect your code from unauthorized tampering and compromise with a secure level of validation.


Why Is This Occurring?

  • Certificates that allow for key material to be exported are found to be less secure and more vulnerable to unauthorized use.  
  • The modification enables more substantial trust in the code signing process by instituting safer key storage requirements. 
  • It helps prevent unauthorized modification of software helping users limit the spread of malware, trojans, and other technology-based viruses. 

Impact of the Change: 

  • This is an industry-wide mandate and affects everyone purchasing new, renewing, or reissuing OV (Organization Validated) or IV (Personal or Individual Validation) Code signing certificates. 
  • The key material bound to affected code signing certificates will no longer be enabled for exporting through formats such as PKCS#12 or PFX to be installed in a certificate store or key manager. 
    • The options for key storage include:
      •’s eSigner cloud signing service for remote signing
      • A secure FIPS-compliant security key USB device 
      • A dedicated cloud HSM service such as AWS CloudHSM or Azure Dedicated HSM 
      • An on-premises  FIPS-compliant Hardware Security Module (HSM)

Using an on-premises or cloud HSM service will require a key generation attestation Solution 

  • will begin deploying under the new guidance effective June 1, 2023. 
  • If your organization needs Digital Code Signing, has two options. 
    • The first is a USB token that complies with the FIPS (Federal Information Processing Standards) 140-02 
    • The other is through the eSigner Cloud signing service
      • The link provides a complete summary of the various code signing certificates and cloud services available. 

The benefits of a Personal or Organization Code Signing Certificate:

  • A digital signature displays a publicly trusted validated identity in either a personal name or an organization name.
  • An intact digital signature proves software files remain uncompromised.
  • The software is timestamped by’s publicly trusted timestamp authority.
  • Can be enrolled in our eSigner cloud signing service for remote signing.
    • The service lets you conveniently add globally trusted digital signatures and timestamps to your software code from anywhere, with no need for USB tokens, HSMs, or other special hardware.
    • The eSigner signing operations and API enables integration with CI/CD services and signing automation.

For a higher level of trust and authentication, Extended Validation Code Signing certificates offer the highest level of security available in signing code. Click here for additional information. 

For Sales or Support Information has a team standing by to assist with any questions, concerns, or problems. Contact information is below:

  • Sales
  • 775-237-8434
  • Email:
  • The Chat Line is available for either sales or support
  • It can be found in the lower right corner of the home page.
  • Https://

You can also use the form below.

Subscribe to’s Newsletter

Don’t miss new articles and updates from

Stay Informed and Secure is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.