Code Signing Certificates

Protected by SSL.com Digital Authentication Services

As low as $64.50 /year

What is code signing?

Code Signing is a method of using an X.509 certificate to place a digital signature on a file, program, or software update which guarantees that the file or software has not been tampered with or compromised. It’s a means of providing an added level of assurance to the user that the item is authentic and safe to use.

More info

Code Signing is a method of using an X.509 certificate to place a digital signature on a file, program, or software update which guarantees that the file or software has not been tampered with or compromised. It’s a means of providing an added level of assurance to the user that the item is authentic and safe to use.

Software developers digitally sign their software programs, apps, and drivers, with code signing certificates to prevent tampering or compromise of applications by unauthorized parties.

These digital certificates are especially useful in applications that are distributed through the Internet, where applications can pass through a number of suspicious parties or websites before it finally gets downloaded and installed.

Unsigned applications can easily be altered to include malware or viruses, and these untrusted applications will display warning messages resulting in lower installation yields. A code signing certificate issued from a trusted Certificate Authority such as SSL.com can prevent all of those problems.
Code signing certificates can be enrolled to SSL.com eSigner cloud code signing service which lets you conveniently add globally trusted digital signatures and timestamps to your software code from anywhere, with no need for USB tokens, HSMs, or other special hardware.

eSigner’s digital signatures use PKI-based digital certificates that bind an identity (such as a person or company) to a cryptographic key pair. When a file like a PDF or Word document, executable application, or driver is digitally signed, a cryptographic hash of the document’s content and the identity of the signatory are bound together to form a unique digital fingerprint, ensuring:

Code signing certificates can be enrolled to SSL.com eSigner cloud code signing service which lets you conveniently add globally trusted digital signatures and timestamps to your software code from anywhere, with no need for USB tokens, HSMs, or other special hardware.

eSigner information is available on SSL.com’s main eSigner page. Please read Remote Code Signing with eSigner for information on enrollment and use
eSigner CKA (Cloud Key Adapter) is also available, allowing tools such as SignTool.exe or Certutil.exe to use eSigner CSC for EV code signing operations
Supports CI/CD integration for full automation of signings

Organization Validation (OV) Code Signing Certificate

The SSL.com OV Code Signing Certificate is suitable for organizations like software publishing companies who wish to sign their software applications with an organization’s validated identity. The OV code signing certificate works best for teams that sign with a shared organizational identity.

Why should you use a Code Signing Certificate?

Displays "Signed by Your Company Name" on installer screen

Trusted on all versions of Windows

Prevents untrusted warning messages

High assurance Organization Validated (OV)

Unlimited rekeys and reprocesses (for soft keys)

30 Day Unconditional Refund

Personal Identity Code Signing Certificate

The Personal Identity or Individual Validation (IV) Code Signing Certificate applies digital signatures with a validated personal name instead of an organization, perfect for independent software developers and individual project contributors who wish to increase confidence and trust from their users.

Which Level of Validation Code Signing Certificate do I Need?

Not sure which type of validation you need? Our table below breaks down the features between EV and OV certificates so you can make the right decision.

Tier	Recommended For	Deposit Amount	Discount
1	Individuals, “pay as you go”	$0.00	None
2	Professionals, DBAs, contractors	$2,500.00	~20% off
3	Small to medium-sized businesses	$4,000.00	~25% off
4	Large businesses	$5,000.00	~30% off
5	Enterprise organizations	$20,000.00	~40% off
6	Enterprise organizations	$35,000.00	~50% off
7	Enterprise organizations	$50,000.00	~65% off

Starting June 1, 2023, SSL.com’s Organization Validation (OV) and Individual Validation (IV) Code Signing Certificates will only be issued either on Federal Information Processing Standard 140-2 (FIPS 140-2) USB tokens or through our eSigner cloud code signing service. This change is in compliance with the Certificate Authority/Browser (CA/B) Forum’s new key storage requirements to increase security for code signing keys. The previous rule allowed OV and IV code signing certificates to be issued as downloadable files from the internet. Since the new requirements only allow the use of encrypted USB tokens or cloud-based FIPS compliant hardware appliances to store the certificate and private key, it is expected that instances of code signing keys being stolen and misused by malicious actors will be greatly reduced.

Learn more about SSL.com eSigner

Name	Provider	Purpose	Expiration
Google Analytics	Google	Collect anonymous information such as the number of visitors to the site, and the most popular pages.	365 days
StatCounter Analytics	StatCounter	Collect anonymous information such as the number of visitors to the site, and the most popular pages.	365 days

SSL/TLS Certificates

eSigner

Become An SSL.com Partner

Careers

Contact Us