The Gold Standard for Code Signing Authentication and Security
EV code signing certificates combine all of the regular benefits of digitally-signed code with a rigorous extended validation process. They represent the gold standard for authentication and security in code signing certificates. DigiCert’s EV code signing certificates adhere to strict validation standards from the CA/Browser Forum and to Microsoft specifications. Enhanced authentication is provided via an encrypted token containing the private key.
About EV Code Signing
Code signing certificates are used by software developers to digitally sign a program to prove that it has not been altered or compromised by a third party. While software purchased from a retail store is typically considered to be relatively safe, programs downloaded from the Internet are often treated with suspicion because of the widespread proliferation of viruses and malware. With a certificate from a trusted Certificate Authority like DigiCert, you can prevent unnecessary warning messages and protect your software from malware, tampering, and theft.
Code that is signed with an EV certificate establishes your reputation and reduces warning messages with Microsoft’s SmartScreen® Application Reputation filter–instilling trust in end-users. And, because of DigiCert’s partnership with Microsoft, our certificates give you an immediate reputation in Windows® 8, 8.1, and 10, Internet Explorer® 9, 10, and 11, and Microsoft Edge®. Our certificates are also compatible with Windows Mobile, Authenticode, Kernel Mode, Office, VBA, Java, Adobe, and more.
EV Code Signing Certificate Features:
- Robust encryption
- Help establish reputation with Microsoft SmartScreen
- Two-factor authentication
- Extended validation verification
- Comprehensive OS & browser trust
- Support for Hardware Security Modules (HSM)
- Competitive pricing
- Award-winning 24-hour technical support
What Code Needs to Be Signed:
- Device drivers
- Enterprise applications
- Firmware binaries
- OEM software
- Operating systems
- Packaged software
- Utility software
- Web applications
How it Works
To sign code, you must first purchase a code signing certificate and download a code signing ‘engine’ suitable for your operating system. Using the code signing engine, you select the code that you want to sign and sign it with your certificate token. With an EV certificate, the token is stored on a USB device that is provided when you purchase your certificate. The code is then signed and will contain a timestamp as well as your company’s information so that users know where the code is from and that it hasn’t been tampered with. With an EV certificate, this stamp will also let Microsoft’s SmartScreen filter know that the code is secure.
The benefit to having an EV code signing certificate is that your certificate token is stored on an external USB device. This means that only people with the physical device can sign code with your certificate—the certificate doesn’t live on your machine and isn’t exportable.
Protect Your Customers
Code signing certificates allow you to digitally sign code, indicating to users that it has not been tampered with and that its authenticity has been verified. Extended validation code signing provides a rigorous vetting process combined with a hardware security requirement so that your users can have even greater confidence in the integrity of your applications.
Meet the Requirements of Your Partners
Your partners and distribution channels want to ensure that they are not risking their reputation and their customers’ safety by distributing your code. Digital signatures allow them to verify that the content they are sharing is legitimate.
With the looming danger of downloading malware, users are very cautious of downloaded software. EV code signing certificates from DigiCert follow the highest authentication standards, helping to instill users’ trust in you as a publisher and in your programs. After all of the efforts you put into developing your code, enjoy the peace of mind that comes from your authentication having been validated by a name that is trusted for high assurance.
EV code signing certificates from DigiCert provide added security against malware, tampering, and theft by storing your certificate’s private key on a secure hardware token. This hardware is used during the signing process and adds an extra layer of security to help protect the integrity of your code.
Simplify Monitoring and Enforcement
A digital signature helps identify the authenticity of signed code, making it easy to screen for modified files. With a DigiCert time stamp, any signed code remains valid even after the code signing certificate expires and users can tell that the code was signed with a valid certificate.
Protect Your Reputation
Consumers expect a smooth installation process and warning messages look unprofessional and create suspicion. Code signing allows you to forgo these types of messages and trains your customers to only trust digitally-signed code.
Because of the proliferation of malware disguised as legitimate software, many consumers are extremely suspicious of any software downloaded from the web. Unexpected warning messages from their OS or browser, no matter how benign, can cause users to cancel an installation. However, with a DigiCert certificate your code will be trusted by many operating systems and browsers, allowing users to complete the installation and use the software with confidence.
Establish Reputation with Microsoft's SmartScreen® Filter
Programs signed by an EV code signing certificate can immediately establish reputation with Microsoft SmartScreen reputation services—even if no prior reputation exists for that file or publisher. Now, even brand new publishers have and benefit from an immediate reputation.
Complimentary Award-Winning Customer Service
After all the time spent on getting your code just right the last thing you want to worry about is waiting around to get your code signing certificate processed before you can digitally sign your software. DigiCert’s support team is available 24/7 to answer your questions and help issue your new certificate. We take technical support and customer service very serious, which is evidenced by the fact that we don’t have phone queues or automated phone systems. Call the support number at the top of this page and the phone will be answered promptly by someone who can answer your questions, no matter how technical.Contact us »
Express CSR Generation and Certificate Installation
As a DigiCert customer, you have access to the DigiCert® Certificate Utility for Windows. This tool lets you turn your SSL CSR creation and SSL Certificate Installation obstacle course into a smoother and easier process. Just provides your organization and payment details during the order process so that we can pre-validate your certificate. Then after we’ve completed the pre-validation process, you just need to click a button in the certificate utility to create your CSR. Then, to install your SSL Certificate, use the utility’s express installation.Learn more about the tool »
Trusted Certificate Authority with a Good Reputation
DigiCert has been providing SSL Certificates, code signing certificates, and SSL management tools for over a decade. We worked in conjunction with Microsoft to develop and promote the use of Subject Alternate Names in SSL Certificates and assisted in developing the SSL extended validation system. We also worked closely with Microsoft to create the EV code signing process and currently provide EV code signing certificates for many of the largest development teams in the world.