SSL.com

Remote EV Code Signing with eSigner

With SSL.com’s eSigner service, you can use your SSL.com user credentials to sign code from any internet-connected device. This guide will show you how to enroll a OV, IV, or EV Code Signing certificate order in eSigner and sign code with the eSigner Express web app, or from the command line with CodeSignTool or SSL.com’s CSC-compliant code signing API.

eSigner can be used for Microsoft Authenticode and Java code signing, and can sign MSI installers and various types of scripts. A complete list of supported file types is available at the end of this guide.

To check all the file types that eSigner supports for enterprise code signing and document signing, head over to this article.

For instructions on how to automate EV Code Signing using signtool.exe or certutil.exe please review this how-to. eSigner also supports CI/CD integration for full automation of signings using CircleCI, Github Actions, Gitlab CI, Jenkins and Travis.

Before getting started, you’ll need an EV Code Signing certificate from SSL.com. For information on ordering your certificate from SSL.com, please read this how-to. If you’d like to try eSigner with a demo account and certificate, please read eSigner Demo Credentials and Certificates for credentials and configuration information.

Enroll in eSigner

First, you’ll need to enroll an OV, IV, or EV Code Signing certificate order with eSigner.

  1. Navigate to an issued Code Signing order in your SSL.com account. Note that the order is labeled eSigner Ready.
  2. Click one of the download links.
  3. Create and confirm a 4-digit PIN and click the create PIN button.
If you need to reset your eSigner PIN, please read this how-to.
Create PIN
  • Your certificate will be generated, and after a few moments a QR code will appear above the certificate downloads table.
  • The next time you reload the page the QR code will not be visible. If you need to to view or reset your eSigner QR code, please read this how-to.
  • Scan the QR code into a 2-factor authentication app on your mobile device, such as Google Authenticator or Authy. The app will provide you with one-time passwords (OTPs) for use when signing. Each OTP is valid for 30 seconds.
  • Tip: You can use eSigner to share EV code signing certificates between teammates. Please read Team Sharing for eSigner Document and EV Code Signing Certificates for instructions.

    Supported File Types for eSigner Code Signing

    Microsoft Authenticode File Types
    • acm
    • ax
    • bin
    • cab
    • cpl
    • dll
    • drv
    • efi
    • exe
    • mui
    • ocx
    • scr
    • sys
    • tsp
    MSI File Types
    • msi
    PowerShell Scripts File Types
    • ps1
    • ps1xml
    Other Scripts File Types
    • js
    • vbs
    • wsf
    Java File Types
    • jar
    Don’t see a common file type that you’re trying to sign and should be supported? Please notify our team at Support@SSL.com.

    Exit mobile version