Code Signing Certificates

Code Signing Certificates

Loading price information...

What is code signing?

Code Signing is a method of using an X.509 certificate to place a digital signature on a file, program, or software update which guarantees that the file or software has not been tampered with or compromised. It’s a means of providing an added level of assurance to the user that the item is authentic and safe to use. 

Software developers digitally sign their software programs, apps, and drivers,  with code signing certificates to prevent tampering or compromise of applications by unauthorized parties.

These digital certificates are especially useful in applications that are distributed through the Internet, where applications can pass through a number of suspicious parties or websites before it finally gets downloaded and installed.

Unsigned applications can easily be altered to include malware or viruses, and these untrusted applications will display warning messages resulting in lower installation yields. A code signing certificate issued from a trusted Certificate Authority such as SSL.com can prevent all of those problems.

Code signing certificates can be enrolled to SSL.com eSigner cloud code signing service which lets you conveniently add globally trusted digital signatures and timestamps to your software code from anywhere, with no need for USB tokens, HSMs, or other special hardware.

Why should you use a Code Signing Certificate?

Displays "Signed by Your Company Name" on installer screen

Trusted on all versions of Windows

Prevents untrusted warning messages

High assurance Organization Validated (OV)

Unlimited rekeys and reprocesses (for soft keys)

30 Day Unconditional Refund

Organization Validation (OV) Code Signing Certificate

The SSL.com OV Code Signing Certificate is suitable for organizations like software publishing companies who wish to sign their software applications with an organization’s validated identity. The OV code signing certificate works best for teams that sign with a shared organizational identity.

Personal Identity Code Signing Certificate

The Personal Identity or Individual Validation (IV) Code Signing Certificate applies digital signatures with a validated personal name instead of an organization, perfect for independent software developers and individual project contributors who wish to increase confidence and trust from their users.

 Which Level of Validation Code Signing Certificate do I Need?

Not sure which type of validation you need? Our table below breaks down the features between EV and OV certificates so you can make the right decision. 

 

Summary Table
  EV OV
Sign Windows 10 Drivers
Sign pre-Windows-10 Drivers
Instant Microsoft SmartScreen Reputation
Two-factor Authentication with USB Token or Cloud Signing Service
Available to Individuals Without a Registered Business
Trusted on Major Software Platforms

 

Starting June 1, 2023, SSL.com’s Organization Validation (OV) and Individual Validation (IV) Code Signing Certificates will only be issued either on Federal Information Processing Standard 140-2 (FIPS 140-2) USB tokens or through our eSigner cloud code signing service. This change is in compliance with the Certificate Authority/Browser (CA/B) Forum’s new key storage requirements to increase security for code signing keys. The previous rule allowed OV and IV code signing certificates to be issued as downloadable files from the internet. Since the new requirements only allow the use of encrypted USB tokens or cloud-based FIPS compliant hardware appliances to store the certificate and private key, it is expected that instances of code signing keys being stolen and misused by malicious actors will be greatly reduced. Click this link to learn more about SSL.com eSigner.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.