Install a Code Signing certificate

Learn how to install your standard Code Signing certificate

After DigiCert validates the information in your order, we send you an email that contains a link to install your Code Signing (CS) certificate.

*Sun Java Note: If your certificate was keyed for the Sun Java Platform, your code signing certificate installation process is different than the one described on this page. See Java Code Signing Certificate Set Up and Usage Guide.

Code Signing (CS) certificate installation process

1. DigiCert sends you an email

   We send you an email with link to create and install your code signing certificate. The email will have one of these subject lines:

   • New orders

     Subject: Create Your DigiCert Code Signing Certificate (Order #)

   • Reissue orders

     Subject: Reissue Your DigiCert Code Signing Certificate (Order #)

   Note: From the date the email was sent, you have thirty days to create your code signing certificate. After thirty days, you'll need to reissue/rekey your code signing certificate so that we can approve it again. See Reissue or Re-Key Your Code Signing Certificate.

2. Follow the link in the DigiCert Code Signing certificate email

   On the computer you want to install your code signing certificate on, copy and paste the creation link from the email in Internet Explorer* or Safari. When you open the link, the certificate is installed to the current user's personal certificate store for Windows or the login keychain for Mac.

   Browser Note: Currently, only Microsoft Internet Explorer and Apple Safari support CSR generation needed for code signing certificate installation. If company policy requires the use of Firefox, you can use Firefox ESR or a portable copy of Firefox. For more information, see our knowledge base article Keygen support to be dropped with Firefox 69.

   IE Note: If you open the link in Internet Explorer, you receive a Web Access Confirmation warning. Click Yes to continue.

3. Generate and install your Code Signing certificate

   On the Generate your DigiCert Code Signing Certificate page, click Generate Certificate to create and install your code signing certificate.

   When you click Generate Certificate, the following automatically happens:

   • Your browser creates a private key and CSR. The private key is stored in the backend of your browser and the CSR is sent to DigiCert.

   • DigiCert receives the CSR and sends files back to the browser for installation.

   • The certificate files are automatically installed to the browser’s Personal Certificate store.

4. Code Signing certificate installed

   Your Code Signing Certificate is now installed to the Personal Certificate Store of your browser.

   • Windows - IE installs your certificate in the Personal Certificate Store of your Computer Account in the MMC. If you used an older version of Firefox Portable/Firefox ESR the certificate is stored in the browser. See (Windows) Verifying Your Code Signing Certificate Installation.
   • Mac - Safari installs your certificate in the login keychain. If you used an older version of Firefox Portable/Firefox ESR the certificate is stored in the browser. See (Mac) Verifying Your Code Signing Certificate Installation.
5. Ready to sign your code

   Now that you have installed your Code Signing certificate, you can use it to sign your code. For code signing instructions, see our Code Signing Support & Tutorial page.

6. Export Code Signing Certificate

   If necessary, you can export your Code Signing Certificate as a .pfx file (Windows) or as a .p12 file (Mac and Firefox).

   • (Windows) Exporting Your Code Signing Certificate
   • (Mac) Exporting Your Code Signing Certificate.