Limited-Time Offer

Code Signing Certificates

Lock in up-to 37% Savings on 3-year Code Signing certificates and receive a FREE token for 3-year orders placed this month.

The new CA/B Forum rules require all Code Signing Certificates be provisioned and shipped on hardware-based tokens. To save on annual token and shipping costs, we recommend purchasing 3-year certificates to pay only one token and one shipping charge saving 37% versus renewing annually. This month, we are also including a FREE token for all 3-year OV & EV Code Signing Certificates - a $50 value!

Free

FIPS-Compliant token with the purchase of a 3-year OV or EV certificate. Save $50!

Code Signing Certificate

FIPS-Compliant Token

$429

Up to 37% off with multi-year

Free required token with 3-year certificate
Meet CA/Browser Forum authentication standards and Microsoft specifications
Establishes reputation in Windows 8.0 and later, Internet Explorer 9 and later, Microsoft Edge, and Microsoft SmartScreen® Application Reputation filter
Increase user confidence by showing the identity of the signing party before applications are run
Supports all major 32-bit/64-bit formats, including Microsoft Authenticode (kernel and user mode files, like .exe, .cab, .dll, .ocx, .msi, .xpi, and .xap), Adobe Air, Apple applications and plug-ins, Java, MS Office Macro and VBA, Mozilla object files, and Microsoft Silverlight applications
Includes timestamp functionality for continued operation even after the code signing certificate has expired

EV Code Signing Certificate

Highest level of Security

$498

Up to 29% off with multi-year

Highest level of security
Free Physical USB token with 3 year certificate
Meet CA/Browser Forum authentication standards and Microsoft specifications
Establishes reputation in Windows 8.0 and later, Internet Explorer 9 and later, Microsoft Edge, and Microsoft SmartScreen® Application Reputation filter
Increase user confidence by showing the identity of the signing party before applications are run
Protects private key from theft via hardware token and PIN
Supports all major 32-bit/64-bit formats, including Microsoft Authenticode (kernel and user mode files, like .exe, .cab, .dll, .ocx, .msi, .xpi, and .xap), Adobe Air, Apple applications and plug-ins, Java, MS Office Macro and VBA, Mozilla object files, and Microsoft Silverlight applications
Includes timestamp functionality for continued operation even after the code signing certificate has expired

4.8

What changed?

As of June 1, 2023, all Code Signing Certificates must comply with the new CA/B Forum regulations to ensure that the subscriber’s private key is generated, stored, and used in a suitable FIPS-compliant hardware.

Requirements for private keys used with EV code signing certificates have been stronger than OV code signing certificates which are more relaxed.

The new rules are intended to reduce potential misuse of code signing certificates and to further protect those certificates from getting into the wrong hands by making key protection requirements for OV code signing certificates to be the same as EV code signing certificates.

As of June 1, 2023, you will no longer be able to issue your standard OV Code Signing certificates. If you have not already issued a purchased certificate, you need to take action immediately.

As of June 1, 2023 ComodoCA OV code signing certificates will be either:

Installed on a ComodoCA token and shipped securely to the customer
Available as a download to be installed on the customer’s own HSM. The hardware devices (e.g. tokens, HSMs, etc.) must be FIPS-compliant and support externally verifiable key attestation.

Trusted by Leading Brands Globally

Securing some of the world’s largest and best-known brands.

FAQs

Have another question?

Reach us by chat in the lower-right corner.

Code Signing allows software developers to add digital signatures to code and to include information about themselves and the integrity of their code within their software. The end users that download digitally signed 32-bit or 64-bit executable files (.exe, .ocx, .dll, .cab, and more) can be confident that the code really comes from a verified developer and has not been altered or corrupted since it was signed.

A code signing service is an online cloud-based solution which provides signatures for code binaries. The developer’s certificate is maintained securely in the cloud. The developer or signee does not have to send the entire file to be signed, a hash code will suffice. The service provides security, convenience, and scalability.

There are three main things which must be verified before issuance of a code signing certificate:

1. The legal existence of the organization or individual named in the Organization field of the code signing certificate must be verified.

2. The email to which the code signing certificate is to be sent must be someone@domain.com, where domain.com is owned by the organization named in the code signing certificate.

3. A callback must be made to a verified telephone number for the organization or individual named in the code signing certificate in order to verify that the person placing the order is an authorized representative of the organization.

Code Signing certificates are installed on a physical token and shipped to your location. We can only provide full refunds for products that have not been shipped. Once a product has shipped and within 30-days from order, we will refund the product cost, less shipping and token cost.

Still Have Questions?

Our team of experts are ready to assist you in selecting the right certificate for you.
Simply chat with us now or reach us at sales@sectigo.com or by phone:

United States

+1 888 266 6361

International

+1 914 732 8446