Digital Authentication Services for Signing Code
Consumers have a high level of trust in shrink-wrapped software that they purchase from a retail store. Using a standard code signing certificate gives users that same confidence in programs that they download and install. Using a DigiCert digital certificate confirms the code’s origin and assures users that a malicious third party has not inserted malware. And signing code with a digital signature from a trusted Certificate Authority like DigiCert prevents unnecessary warning messages when running published code.
About Code Signing
Code signing certificates are used by software developers to digitally sign a program to prove that it has not been altered or compromised by a third party. While software purchased from a retail store is typically considered to be relatively safe, programs downloaded from the Internet are often treated with suspicion because of the widespread proliferation of viruses and malware.
Code Signing Certificate Features:
- Protects your code
- Prevents unnecessary warning messages
- Increases user confidence and security
What Code Needs to Be Signed:
- Device drivers
- Enterprise applications
- OEM software
- Operating systems
- Packaged software
- Utility software
- Web applications
How it Works
To sign code, you must first purchase a code signing certificate and download a code signing ‘engine’ suitable for your operating system. Using the code signing engine, you select the code that you want to sign and sign it with your certificate token. The code is then signed and will contain a timestamp as well as your company’s information so that users know where the code is from and that it hasn’t been tampered with. With an EV certificate, this stamp will also let Microsoft’s SmartScreen filter know that the code is secure.
DigiCert Code Signing Certificates Support All Major Platforms
Microsoft® Code Signing
Digital signatures for Windows ActiveX with Microsoft Authenticode file signing and kernel mode. Easily sign code for a variety of Microsoft applications, including Visual Basic Applications and Office.
Apple® Code Signing
Since code signing was introduced by Apple in Mac OS 9 and later, code signing certificates are now able to sign applications for authenticated use in Mac OS.
Protect Your Customers
Code signing certificates allow you to sign code digitally, demonstrating to users that its authenticity has been verified and it has not been tampered with. Code Signing from DigiCert protects your software from tampering, theft, and malware.
Meet Partner Requirements
Your partners and the channels that distribute your software all expect you to safeguard their valuable customers and their data. Using code signed software is a best practice that demonstrates your commitment to their safety and is often a contractual requirement.
Over the years, computer users have learned to be very cautious of downloaded software. Code signing certificates help build trust in you as a publisher and in the programs you create. You and your customers deserve the peace of mind that comes from knowing that a trusted third party can validate your code.
EV code signing certificates from DigiCert provide added security against malware, tampering, and theft by storing your certificate’s private key on a secure hardware token. This hardware is used during the signing process and adds an extra layer of security to help protect the integrity of your code.
Monitoring and Enforcement Made Easy
It becomes easy to detect modified files when a piece of code is digitally signed. Additionally, code signed with a DigiCert time stamp tells a user that the code was signed with a valid certificate even after the actual code signing certificate expires.
Your customers expect a smooth and professional installation process when they download your software. Digitally-signed programs that bypass warning messages help keep your users safe and protects your good name.
Establish Reputation with Microsoft's SmartScreen® Filter
Programs signed by an EV code signing certificate can immediately establish reputation with Microsoft SmartScreen reputation services—even if no prior reputation exists for that file or publisher. Now, even brand new publishers have and benefit from an immediate reputation.
Consumers have rightfully become suspicious of software that they download from the web. Danger lurks online at every turn, from malware to hackers. When your customers download or install a piece of your software and are presented with unexpected warning messages they are likely to simply abandon the installation out of fear of the unknown. Signing your code with a DigiCert certificates helps you avoid these pop-up warnings generated by browsers or operating systems, increasing the adoption rate of your software.
Award-Winning Customer Service
DigiCert takes great pride in having the best technical support team in the business. Available 24/7 our support experts are standing by to field your toughest questions. We don’t outsource our support, have long phone queues, or send you to an automated system. Your calls are answered promptly by a technically-proficient rep who can answer any question you might have, without having to escalate you to someone who can actually answer your question. Call the number at the top of this page and we will be happy to answer any code signing questions you have and provide whatever free support you need.Contact us »
Simplifying the Code Signing Process
As a DigiCert customer, you have access to the DigiCert® Certificate Utility for Windows. This tool lets you turn your code signing obstacle course into a smooth and easy process. All you have to do is open the certificate utility, navigate to the file that you want to sign, and click a button. When signing kernel code, the utility automatically assures the correct intermediate certificates are used. This tool also streamlines the SSL CSR generation and certificate installation process.Learn more about the tool »
Trusted Certificate Authority
For over a decade, DigiCert has been providing trusted SSL Certificates, code signing certificates, and related management tools to tens of thousands of the largest brands in the world. We pioneered the use of Subject Alternate Names in SSL Certificates and pushed the CA/Browser Forum, which we helped found, to create the extended validation process.