Code Signing Certificates

Secure Your Software and Establish Trust

Code signing certificates allow you to digitally sign your software, establishing yourself as a verified publisher and protecting your applications, executables, and drivers from tampering.

Benefits of Code Signing

Verified Publisher Status: Gain instant credibility with users and platforms.
Tamper-Proof Seal: Ensure the integrity of your software with a cryptographic seal.
Eliminate Security Warnings: Remove "unknown publisher" warnings, streamlining the installation process.
Build User Trust: Provide assurance that your software is authentic and unmodified.

How Code Signing Certificate Works

When you sign your code:

A unique digital fingerprint is created for your software.
This fingerprint is encrypted with your private key.
The encrypted fingerprint is attached to your software along with your code signing certificate.

If the code is modified after signing, the digital signature becomes invalid, triggering a warning message.

Get Started Quickly

Our validation experts are here to help:

Determine the simplest paperwork for your country.
Assist with form completion.
Handle the submission process.

With our Cloud Code Signing option, you can start signing immediately without waiting for physical hardware.

Protect your software, boost user confidence, and streamline your distribution process with a code signing certificate today.

Certificado Code Signing

Code Signing Certificates

Before installing your software, users want to verify its origin and integrity. DigiCert's Code Signing Certificates offer cutting-edge technology to authenticate authorship and ensure the code remains unaltered and malware-free.

Certificate price
OV Code Signing
/year
EV Code Signing
/year
Validation Type
OV Code Signing
OV
EV Code Signing
EV
Remove Unknown Publisher Warnings
OV Code Signing
EV Code Signing
Unlimited Software & App Signing
OV Code Signing
EV Code Signing
Compatible with all major 32-bit or 64-bit platforms
(Microsoft Authenticode, Office VBA, Java, Adobe AIR, Mac OS, Mozilla and others)
OV Code Signing
EV Code Signing
Includes timestamp functionality
OV Code Signing
EV Code Signing
Windows Kernel Mode Signing Support
OV Code Signing
EV Code Signing
Automatic SmartScreen Reputation
OV Code Signing
EV Code Signing
Requires USB token or HSM for certificate generation and storage
OV Code Signing
EV Code Signing
Compatible USB tokens
(Available for purchase with the certificate)
OV Code Signing
SafeNet eToken 5110
or
SafeNet eToken 5110 CC (940)
EV Code Signing
SafeNet eToken 5110 CC (940)
Google Cloud HSM (GCP) installation service available
(Cloud Code Signing)
OV Code Signing
EV Code Signing
Supports RSA key and signature generation up to 4096 bits
OV Code Signing
Only with SafeNet eToken 5110 CC (940) or a compatible HSM
EV Code Signing
Only with SafeNet eToken 5110 CC (940) or a compatible HSM
BUY A OV CODE SIGNINGBUY A EV CODE SIGNING

Compare our secure Code Signing Certificate storage options

Now it is required to generate and store the Code Signing Certificate on a token USB or HSM.

USB token price with free shipping
SafeNet eToken 5110 CC (940)
Google Cloud HSM (GCP)
---
Price of the service for the setup and installation of the Code Signing Certificate on the HSM
SafeNet eToken 5110 CC (940)
---
Google Cloud HSM (GCP)
Supports RSA key and signature generation up to 4096 bits
SafeNet eToken 5110 CC (940)
Google Cloud HSM (GCP)
Provides a multi-user solution with secure access for Code Signing
SafeNet eToken 5110 CC (940)
Google Cloud HSM (GCP)
Provides secure, cross-platform remote access to sign code from servers, virtual machines, and workstations
SafeNet eToken 5110 CC (940)
Google Cloud HSM (GCP)
Allows cloud code signing automation with CI/CD
SafeNet eToken 5110 CC (940)
Google Cloud HSM (GCP)
All prices do not include VAT

Cloud Code Signing Features and Benefits

No shipping required

You don't have to wait for a USB token to arrive or worry about setting up and managing an HSM.

Sign From Anywhere

With Cloud Code Signing, you can securely connect to the Google HSM and use your code signing certificate from anywhere.

Secure, Compliant Key Storage

Your private key is securely stored in a Hardware Security Module (HSM) with multiple layers of security, including MFA.

Automation With CI/CD Tools

Integrate with your CI/CD pipelines or other automated processes to perform code signing tasks.

For the service of setup and installing the Code Signing Certificate on the HSM, your organization must have a Google Cloud Platform account with an active billing profile. The cost of using the HSM (Cloud KMS) is paid directly to Google by your company.

Google's HSM is the most cost-effective on the market; you pay cents per code signature, as shown below:

https://cloud.google.com/security/products/security-key-management?hl=en#pricing

Features of DigiCert Code Signing Certificates

Assurance & Authenticity

Assurance & Authenticity

Digital signing with the Code Signing Certificate guarantees that a software application comes from a verified, trusted source and has not been tampered with or infected before it is run.

Prevent security warning labels

Prevent security warning labels

Warnings discourage users from using your software. With the Code Signing Certificate, these warnings disappear.

Reputação

Protect the reputation of your company

Digital signing with the Code Sign certificate allows customers to verify that their code is authentic and has not been hacked, protecting both parties against fraud and malware.

Prevents software tampering

Prevents software tampering

Code signing is a layer of protection that shows your customer that the software has not been tampered with since it was signed, guaranteeing its integrity.

Conformidade

Meet platform requirements

The platforms that distribute your software expect you to protect your customers' data. Code Signing demonstrates your commitment to security.

Increase software adoption and sales

Increase software adoption and sales

Software digitally signed with Code Sign adds value to your product and creates more security and trust for your customer or end user.

You can use code signing certificates on these platforms

Code Signing certificate for Windows

Windows Developer Code Signing Certificate

A code signing certificate is required for software developers that are building applications for Microsoft platforms or require certification for programs that use the Microsoft Windows® logo. Suitable for those developing for Microsoft Windows, Microsoft Office, Windows Phone, Xbox 360, or Microsoft Azure.

Features of DigiCert Code Signing Certificates for Windows:

  • Secure software and executable files (32 and 64 bit) with a trusted signature.
  • Digital signing of Windows hardware drivers.
  • Supports SHA-2 hash algorithm.
  • Unlimited Signing.
  • Includes timestamp functionality.
  • DigiCert EV Code Signing certificate enables instant Microsoft SmartScreen Filter reputation.
Code Signing Certificate for Microsoft Office & VBA

Essential for anyone developing applications using Microsoft Visual Basic for Applications (VBA) and Microsoft Office. Digitally sign scripts, VBA objects, and Microsoft Office macros to avoid warning messages and ensure that the code has not been tampered with. Your macro will show who developed it and allow users to trust all macros signed by your company.

Features of DigiCert's Code Signing Certificates for Microsoft Office & VBA:

  • Digitally sign and protect VBA objects, macros and scripts for Microsoft Office (.doc, .xls and .ppt).
  • Validates your organization's legitimacy according to certificate authority policies.
  • Generates a unique hash using the SHA-2 algorithm.
  • Allows unlimited signing of VBA objects, macros and scripts.
  • Includes timestamps for all digital signatures.
Code Signing Certificate for Microsoft Authenticode

Digital signature for code, scripts and executable files for the Windows platform, required for Microsoft Windows Logo certification.

Features of DigiCert Code Signing certificates for Microsoft Authenticode:

  • Digitally sign .exe, .cab, .dll, .ocx, .msi, .xpi and .xap files.
  • Supports the signing of plug-ins, ActiveX controls, kernel software and other files.
  • Supports the signing of Microsoft Silverlight applications.
  • Fully supports the SHA-2 hash algorithm.
  • Allows unlimited file signatures.
  • Includes timestamps for all digital signatures.
  • DigiCert EV Code Signing Certificate supports 32 and 64 bit kernel mode and user mode.
Code Signing Certificate for Java

For Java developers building desktop and mobile applications using the Java Runtime Environment (JRE). Protect your code and eliminate warning messages such as "The application is blocked by Java Security" or "The authenticity of the author cannot be verified".

Features of DigiCert Code Signing certificates for Java:

  • Digitally sign .jar files and applications.
  • Fully supports the SHA-2 hash algorithm.
  • Allows unlimited file signatures.
  • Includes timestamps for all digital signatures.
  • Validates your organization's legitimacy according to certificate authority policies.
Code Signing certificate for Android

For developers of applications for the Android platform.

Features of DigiCert Code Signing certificates for Android:

  • Digitally sign unlimited .apk files.
  • Fully supports the SHA-2 hash algorithm.
  • Includes timestamps for all digital signatures.
  • Validates your organization's legitimacy according to certificate authority policies.
Code Signing Certificate for Apple

You can use a DigiCert Code Signing Certificate to digitally sign your Mac OS software, but if you want your applications to open on a Mac that has Gatekeeper enabled, or if you want to distribute applications on the App Store, you must create a developer ID to sign your Mac applications and installer packages. Only Apple developer code signing certificates are compatible with Gatekeeper.

Features of DigiCert Code Signing certificates for Apple:

  • Digitally sign unlimited Apple applications, Mac OS software and updates.
  • Fully supports the SHA-2 hash algorithm.
  • Includes timestamps for all digital signatures.
  • Validates your organization's legitimacy according to certificate authority policies.
Code Signing Certificate for Adobe Air

Used by developers of cross-platform Adobe Air applications to avoid alerts from untrusted software.

Features of DigiCert Code Signing certificates for Adobe Air:

  • Digitally sign all types of Adobe Air via the Flex SDK, Flex Builder, Dreamweaver and Flash.
  • Fully supports the SHA-2 hash algorithm.
  • Includes timestamps for all digital signatures.
  • Validates your organization's legitimacy according to certificate authority policies.
Code Signing certificate for Firefox

Used to digitally sign Mozilla XPI packages for Firefox and Thunderbird objects.

Features of DigiCert Code Signing certificates for Firefox:

  • Fully supports the SHA-2 hash algorithm.
  • Includes timestamps for all digital signatures.
  • Validates your organization's legitimacy according to certificate authority policies.

Supports the tools you use

SignTool

SignTool - Command-line tool

Jarsigner

Jarsigner - Tool to sign and verify Java files

Docker

Docker - Container Application Development

SignPath

SignPath - Secure Code Signing Process

GaraSign

GaraSign Platform

Keyfactor & PrimeKey

Keyfactor Signum & PrimeKey - Code Signing Solution

DigiCert EV Code Signing
Get the highest level of trust with the DigiCert EV Code Signing Certificate

The DigiCert EV Code Signing Certificate is the best option for maximizing trust and acceptance of your software. In addition to all the benefits of the OV CodeSign Certificate, the DigiCert EV Code Signing Certificate has additional features that provide your customers with the highest level of security and assurance. It is the most compatible Code Signing Certificate on the market.

The EV certificate is submitted to a rigorous validation process and hardware security requirements, giving users even greater confidence in the integrity of their applications.

Removes Microsoft Defender SmartScreen Filter alerts that are part of Windows and Microsoft Edge.
Two-factor authentication using a USB token or HSM. Only with cryptographic hardware can the EV Code Signing certificate be stored and used to sign code.
Code signatures created during the validity period of the timestamped certificate remain valid after the original certificate expires.
Buy a DigiCert EV Code Signing Certificate

Use Cases for DigiCert Code Signing Certificates

Software and Web Applications

Apps

It doesn't matter if you're developing applications for internal or external use. Code signing adds a layer of protection to your software so that end users know that they are receiving secure code from an organization.

IoT Devices

IoT

When deploying IoT devices, it is critical to ensure the integrity of firmware and updates. Code signing prevents any outside tampering from compromising the device.

DevOps

DevOps

Protect the containers your team works on by integrating code signing into your development workflow. Protect your code and the applications that use it.

Software Updates

Software Updates

The code signing certificate allows you to distribute software updates securely and reliably. Signing with the same certificate used in the original software helps ensure traceability.

FAQ

Code Signing Certificate FAQs

What is Code Signing?

Code Signing Certificates are used by software developers to digitally sign applications, drivers, executables, and software programs. This allows end users to verify that the code they receive has not been altered or infected by a third party. They include your signature, your company name, and a timestamp if desired.

When software is digitally signed, a digital certificate is used to create an encrypted signature that is attached to the software file. This signature allows users to verify the software's origin and ensure that it has not been altered or corrupted since its creation.

Code signing offers important benefits such as ensuring that the software has not been tampered with before installation, increasing users' trust in the software's origin, and helping to prevent malware attacks. Users can verify the signature before installing software to ensure that it comes from a trusted source.

The benefits of Code Signing Certificates are:

  • Protects your intellectual property and your company's reputation
  • Ensures that the software has not been compromised by malware after being digitally signed
  • Prevents the display of security warning messages in applications
  • Build trust and increase adoption and sales of your software
  • Comply with security policies and contractual obligations
What are the requirements to request a Code Signing Certificate?

DigiCert Code Signing Certificates can only be applied for by a legally incorporated company. Specifically for the DigiCert EV Code Signing Certificate, the requesting company must have been established for more than 3 years.

In order to issue the Code Signing Certificate, DigiCert will perform a validation process to verify the details of your organization and the person requesting the certificate. It may be necessary to send documents and confirm by phone to complete the validation. This is a standard requirement of all Certification Authorities.

DigiCert reserves the right not to issue the Code Signing Certificate if the requesting company does not meet the standard requirements of the CA / BROWSER FORUM:

If the Code Signing Certificate cannot be issued, the amount paid will be refunded.

What is the difference between Standard (OV) and EV Code Signing Certificates?

DigiCert OV Code Signing (Organization Validated)

Software signed with this certificate, when run, will display a screen with your company name and ask if you want to continue with the installation, but it will not be a warning message.

Reputation is built organically as downloads and installations of the software increase.

DigiCert EV Code Signing (Extended Validated)

Software signed with this certificate, when run, will not display a confirmation screen before continuing with the installation.

The DigiCert EV Code Signing certificate provides instant recognition with the Microsoft SmartScreen reputation scanner.

To qualify for EV Code Signing certification, a company must have been in operation for three years.

How do I buy a Code Signing certificate?

Buy a Code Signing Certificate quickly and easily on our website:

1. Select the appropriate code signing certificate based on your needs:

2. Choose Billing Cycle

The Code Signing Certificate can be purchased with a validity of up to 3 years.

3. Enter the name of the organization to which the certificate will be issued.

4. Available Addons

If you do not have the USB token for storing the certificate (SafeNet eToken 5110 CC), you can select it for purchase. You can also buy the certificate installation service on Google HSM.

5. Review your order

Review your order and enter a discount coupon if you have one.

6. Checkout

If you are already a registered customer, please enter your email address and password. Otherwise, create a new account by entering your registration information and password. Select your payment method and proceed to checkout!

Once payment is approved, we will begin the process of validating the Code Signing Certificate. We will send you all instructions and information by email.