Product Hero Image

DigiCert Code Signing Certificates

Put a stop to application and software tampering to give customers confidence in the files they download.

 

DigiCert Code Signing Certificates

Code Signing Product Image

Your customers expect safe, reliable apps—and so do the app stores and operating system providers who impose stringent requirements to ensure no third parties have altered your code.

DigiCert® Code Signing certificates are ideal for software developers and organizations looking to fulfill security requirements, a DigiCert code signing certificate subscription offers options for cloud-based secure key private storage or the high-assurance Extended Validation (EV) required for signing Microsoft Windows drivers.

Read More >
  • 24x5 Standard Support
  • DigiCert CertCentral certificate management platform
  • FIPS 140-2 Level 2-compliant key storage (KeyLocker)
  • EV compatible with Microsoft attestation signing requirements

DigiCert Code Signing Certificates

Code Signing Product Image

Your customers expect safe, reliable apps—and so do the app stores and operating system providers who impose stringent requirements to ensure no third parties have altered your code.

DigiCert® Code Signing certificates are ideal for software developers and organizations looking to fulfill security requirements, a DigiCert code signing certificate subscription offers options for cloud-based secure key private storage or the high-assurance Extended Validation (EV) required for signing Microsoft Windows drivers.

Read More >
  • 24x5 Standard Support
  • DigiCert CertCentral certificate management platform
  • FIPS 140-2 Level 2-compliant key storage (KeyLocker)
  • EV compatible with Microsoft attestation signing requirements
Code Signing Certificates

Features

In addition to protecting your organization, code signing certificates help you meet platform requirements, prevent security warnings, and ensure whatever you build is packaged in the highest level of digital trust.

Multi-factor authentication & signing authorization

Sign in with two-factor authentication (2FA) using a USB token and control signing with authorized-only HSM certificate keys.

Identity verification

Protect intellectual property with verification. Prove authenticity and protection against tampering.

Timestamping

Ensure added security with timestamped certificates. When your signature expires, it must be re-signed.

Integration compatibility

Integrate easily with universal platform compatibility, including Authenticode, Kernel Mode, and more.

Specifications

Platforms

  • Apache ANT & Maven
  • Azure DevOps
  • CircleCI
  • GitLab
  • Gradle
  • Jenkins

Client-Side Libraries

  • Apple CryptoTokenKit
  • Microsoft KSP
  • PKCS11
  • SmartCard Daemon

Marketplace Plug-in

  • Azure Visual Studio Marketplace
  • Github
  • Jenkins

Use cases

  • External Software Publications
  • In-House Tools & Applications
  • Repository Commits & Testing
  • Containers
  • Product / IoT Software Security
Code Signing Use Case Image

Frequently Asked Questions
 


Code signing allows you to confirm digital binaries haven’t been altered by attaching a digital certificate to the code. This certificate uses Public Key Infrastructure (PKI) to attest to the integrity of the code or software, and it attaches a cryptographically unique user and timestamp, so you know who signed the code and when.


You can sign all types and forms of digital binaries, including firmware, drivers, applications, containers, mobile apps, and even source code artifacts.


Effective June 1, 2023, code signing certificate key pairs may only be issued and stored in a Hardware Security Module (HSM) that meets or exceeds FIPS 140-2 Level 2 or Common Criteria EAL 4+ standards. This ensures the private key is protected and cannot be exported, leading to greater security.


In compliance with CA/B Forum regulations, DigiCert sets up private keys using secure tokens. You can get a token from DigiCert, or you can use your own, but you’ll need to set it up to sign code. Read about the setup process here.


DigCert certificate subscriptions allow you the flexibility to easily replace or reconfigure certificates and other licensed products, simplify budgeting by annualizing the fees associated with your certificates, and automate license renewals for streamlined certificate lifecycle management.

Related resources

Devops Guide Thumbnail Image
GUIDE

A Devops Guide to Frictionless, secure code signing

DigiCert Code Signing: Instilling Trust in Your Users - EN
DATASHEET

DigiCert Code Signing: Instilling Trust In Your Users

Frequently Asked Questions (FAQs) on code signing and Secure Software Manager - EN
FAQ

Frequently Asked Questions on Code Signing and Software Trust Manager

Learn how DigiCert solutions
can help you deliver digital trust

By supplying my personal information and clicking submit, I agree to receive communications about DigiCert products and services, and I agree to DigiCert and its affiliates processing my data in accordance with DigiCert's Privacy Policy.
Submit