Introduction to Code Signing Certificates

You know that you can get an SSL certificate to secure data on your website – but did you know there’s a way to offer the same security for programs, scripts and mobile apps? Welcome to the wonderful world of code signing certificates, designed to secure your code and reassure your users. SSL.com is pleased to offer code signing certificates to application developers and web publishers, with prices as low as $64.50/year.

Code Signing Certificates FAQ

Below, we have collected some of the common questions people ask about code signing certificates. If you don’t see the answer you need below, feel to reach out and contact us. Someone from our team can help you get it set up quickly so all your apps are safe.

What IS a Code Signing Certificate?

Simply put, a code signing certificate is a lot like an SSL certificate, and uses similar public key encryption to validate the identity of the provider and the integrity of the code. They are given out by a Certificate Authority (like SSL.com), but instead of websites, they are assigned to software. While your SSL certificate protects your site’s traffic, a code signing certificate is designed to protect your software. Whether it’s a stand-alone program, a mobile app or a web application, code signing allows users to know the program they’re using has not been changed by anyone but you.

Is a Self-Generated Certificate the Same Thing?

While you can generate your own code signing certificate, this defeats the purpose, since like with SSL certificates it is the chain of trust of a Certificate Authority that stands behind the code signing certificate to verify the authenticity of your code. Like any self-signed SSL certificate, a self-signed code signing certificate performs encryption just fine – but it’s pretty much useless for establishing trust, and your users will likely see your program flagged as untrusted in their browser or on their phone.

Do I Really Need a Code Signing Certificate?

If you’re serious about widespread adoption of your web app or mobile application, the answer is yes. You are going to want to do everything you can to ensure the integrity of what people download onto their computers or mobile computing devices. While you could release your software without code signing, in the modern world it’s just not recommended. If an unsigned application is released into the wild online, there’s a very good chance that the code could be tampered with – and if this happens to your code, the users downloading “your” program are going to have reactions ranging from unhappiness to fits of rage, depending on the changes made. The end user may have no idea about how code signing works, but as an application developer, it is your responsibility to ensure the integrity of your code, even after you’re turned it loose to be downloaded from other servers. A code signing certificate helps you guarantee your code was not compromised – and shows that you take your code’s integrity seriously.

What Do I Get With My SSL.com Code Signing Certificate?

Here are some of the features and benefits of SSL.com’s code signing certificates:

  • Software displays your company name in the “signed by” field.
  • Can also show version/release information for your code and other useful metadata.
  • Trusted by all major platforms.
  • Prevents “untrusted” warning messages.
  • Unlimited rekeys/reprocesses by SSL.com for the duration of the certificate.
  • 30 day, no-questions-asked refund policy.

Great – How Do I Get a Code Signing Certificate from SSL.com?

As mentioned, SSL.com is now offering code signing certificates at very reasonable rates, as low as $64.50/year. If you want to know more, just click here to get prices and more information. We’re here to help secure your software, sites and peace of mind – contact us today!