Back
-
Platform
BackManage PKI and Certificate Risk in One Place
-
Solutions
BackThe Smarter Way to Manage Certificate LifecyclesSoftware Supply Chain Security
Protect your entire software supply chain with automated tools
- Buy
-
Company
BackManage PKI and Certificate Risk in One Place
-
Resources
Back
- Support
- Contact us
- Language
DigiCert Code Signing Certificates
Put a stop to application and software tampering to give customers confidence in the files they download.
DigiCert Code Signing Certificates
Your customers expect safe, reliable apps—and so do the app stores and operating system providers who impose stringent requirements to ensure no third parties have altered your code.
DigiCert® Code Signing certificates are ideal for software developers and organizations looking to fulfill security requirements, a DigiCert code signing certificate subscription offers options for cloud-based secure key private storage or the high-assurance Extended Validation (EV) required for signing Microsoft Windows drivers.
Read More >- 24x5 Standard Support
- DigiCert CertCentral certificate management platform
- FIPS 140-2 Level 2-compliant key storage (KeyLocker)
- EV compatible with Microsoft attestation signing requirements
DigiCert Code Signing Certificates
Your customers expect safe, reliable apps—and so do the app stores and operating system providers who impose stringent requirements to ensure no third parties have altered your code.
DigiCert® Code Signing certificates are ideal for software developers and organizations looking to fulfill security requirements, a DigiCert code signing certificate subscription offers options for cloud-based secure key private storage or the high-assurance Extended Validation (EV) required for signing Microsoft Windows drivers.
Read More >- 24x5 Standard Support
- DigiCert CertCentral certificate management platform
- FIPS 140-2 Level 2-compliant key storage (KeyLocker)
- EV compatible with Microsoft attestation signing requirements
Code Signing Certificates
Features
In addition to protecting your organization, code signing certificates help you meet platform requirements, prevent security warnings, and ensure whatever you build is packaged in the highest level of digital trust.
Multi-factor authentication & signing authorization
Sign in with two-factor authentication (2FA) using a USB token and control signing with authorized-only HSM certificate keys.
Identity verification
Protect intellectual property with verification. Prove authenticity and protection against tampering.
Timestamping
Ensure added security with timestamped certificates. When your signature expires, it must be re-signed.
Integration compatibility
Integrate easily with universal platform compatibility, including Authenticode, Kernel Mode, and more.
Specifications
Platforms
- Apache ANT & Maven
- Azure DevOps
- CircleCI
- GitLab
- Gradle
- Jenkins
Client-Side Libraries
- Apple CryptoTokenKit
- Microsoft KSP
- PKCS11
- SmartCard Daemon
Marketplace Plug-in
- Azure Visual Studio Marketplace
- Github
- Jenkins
Use Cases
- External Software Publications
- In-House Tools & Applications
- Repository Commits & Testing
- Containers
- Product / IoT Software Security
Here's What Customers are Saying
“Excellent guidance in regard to the new code signing procedure. I appreciate how patient he was in assisting with the new procedure.”
Our obsession with customer success
One of DigiCert’s core values is “customer obsession”—a dedication reflected in the Net Promoter Score (NPS) given to us by verified customers. The scale goes from -100 to 100, with a score of 50 universally regarded as “exceptional.”
Here's what customers are saying
"Alistair went above and beyond to help me resolve a code signing issue that I've had for a few days. He was extremely helpful and was patient with me as we worked through the issues. Everything is working great now!”
- Review 1
- Review 2
- Review 3
Frequently Asked Questions
Code signing allows you to confirm digital binaries haven’t been altered by attaching a digital certificate to the code. This certificate uses Public Key Infrastructure (PKI) to attest to the integrity of the code or software, and it attaches a cryptographically unique user and timestamp, so you know who signed the code and when.
You can sign all types and forms of digital binaries, including firmware, drivers, applications, containers, mobile apps, and even source code artifacts.
Effective June 1, 2023, code signing certificate key pairs may only be issued and stored in a Hardware Security Module (HSM) that meets or exceeds FIPS 140-2 Level 2 or Common Criteria EAL 4+ standards. This ensures the private key is protected and cannot be exported, leading to greater security.
In compliance with CA/B Forum regulations, DigiCert sets up private keys using secure tokens. You can get a token from DigiCert, or you can use your own, but you’ll need to set it up to sign code. Read about the setup process here.
DigCert certificate subscriptions allow you the flexibility to easily replace or reconfigure certificates and other licensed products, simplify budgeting by annualizing the fees associated with your certificates, and automate license renewals for streamlined certificate lifecycle management.
Related Resources
Learn How DigiCert Solutions
Can Help you Deliver Digital Trust
-
The most-trusted global provider of high-assurance TLS/SSL, PKI, IoT and signing solutions.
-
-
© 2025 DigiCert, Inc. All rights reserved.
Legal Repository Audits & Certifications Terms of Use Privacy Center Accessibility Cookie Settings