OV Code Signing

OV Code Signing

Put your organization's name on every binary you distribute. OV Code Signing verifies and displays your verified company name, preventing “Unknown Publisher” warnings and building user trust from the first click.

Configure & Buy See how it works

Key Benefits

Organization name on installer

Your verified company name displayed when users install your software: eliminating “Unknown Publisher” warnings.

Tamper-evident signing

Any modification after signing cryptographically breaks the signature: Windows, macOS, and inspection tools detect tampering before the binary runs, protecting users from altered or repackaged software.

Trusted on all Windows versions

OV certificates prevent untrusted-publisher warning messages on Windows 11, Windows 10, Windows Server 2025, Server 2022, Server 2019, and every earlier supported Windows release with Authenticode.

Unlimited rekeys and reissues

Full operational flexibility: rekey or reissue the certificate at no additional cost throughout its lifetime, useful for HSM migrations, key rotation policies, or responding to compromise.

Who Is It For?

Software companies & ISVs

Distributing applications to end users who need to see a verified organization name on the installer.

Enterprise IT teams

Enterprise IT teams distributing internal tooling, management agents, custom utilities, and patch packages where a recognized corporate publisher name is required for software governance and GPO allowlisting.

Open source organizations

Open source organizations with a registered legal entity that want the organization’s verified name on distributed binaries: typical for foundations, vendor-backed projects, and maintainer collectives.

Any organization shipping software

Any organization shipping software that wants its verified legal name on every installer screen without the extended validation requirements or hardware-token constraints of EV Code Signing.

Purchase & Pricing

1. Select Certificate Duration

1 Year
$129.00/yr
2 Years
$116.10/yr
Save 10%
3 Years
$109.65/yr
Save 15%
4 Years
$103.20/yr
Save 20%
5 Years
$96.75/yr
Save 25%

2. Select Key Storage & Delivery (optional)

eSigner Cloud Signing

Sign anywhere using eSigner.com. No hardware required.
+ Subscription

YubiKey

Physical Token
+ $279.00
YubiKey Quantity $279 each

Standard

3–5 business days after validation (Continental US)

Express + $329.00

1 day after validation

Bring Your own Cloud HSM

Self-managed infrastructure
+ Starting at $500.00

SSL.com must attest your key to your chosen provider before issuing the certificate. This fee is a one-time charge per order.

AWS CloudHSM
Attestation Fee
$1,500
Google Cloud HSM
Attestation Fee
$1,500
Azure Dedicated HSM
Attestation Fee
$500.00

Looking for a simpler option? SSL.com eSigner for Code provides cloud-based signing with no HSM to provision, no attestation fee, and a lower total cost for most teams.

Bring your own on-premises HSM

SSL performs an attestation ceremony for your compliant on-premises HSM.
+ Custom Pricing

Please contact sales.

3. Validation Speed (optional)

Choose how quickly your organization or identity is validated before your certificate is issued.

Standard

3–5 day validation · 2–3 day US shipping Validation completed after all agreements, entity info submitted, and a successful callback to a listed phone number. Included

Expedited

2 business day validation · overnight US delivery 2 business days priority validation from first complete submission and callback. Token shipped overnight in continental US. +$599.00

Order Summary

ProductOV Code Signing
Term1 year
Rate$129.00/yr
Savings
Key storage
Signing subscription
ValidationStandard
Validation feeIncluded
Total $129.00

How It Works

1: Purchase

Select OV duration and complete your order.

2: Organization validation

SSL.com validates your organization using business registration documentation.

3: Certificate issued

Certificate issued with your verified organization name. Install on a FIPS token or enroll in eSigner for cloud signing.

4: Sign your code

Users see your organization's name on the installer screen.

5: Timestamp

Timestamp at signing to extend signature validity beyond certificate expiry.

Compliance & Standards

CA/B Forum Code Signing BR

Issued under current CA/Browser Forum Code Signing Baseline Requirements with all ballot resolutions applied. Hardware-backed private keys per the June 2023 key storage mandate for code signing certificates.

WebTrust for Code Signing BR

SSL.com is audited annually by BDO under WebTrust for Code Signing Baseline Requirements: the continuous independent assurance Microsoft and major code signing verification platforms require.

Microsoft Authenticode

Trusted on every supported Windows version: prevents the “Unknown publisher” SmartScreen warnings that deter users from installing software and block GPO-based enterprise deployment policies.

Frequently Asked Questions

OV signs with your organization's name and is trusted on Windows. EV provides the strongest verified publisher identity in SmartScreen prompts and is required for kernel-mode driver signing. Note: since 2024, Microsoft no longer grants EV-signed binaries immediate SmartScreen reputation: reputation builds through download volume for both OV and EV.

Each certificate is issued to the organization but should be used by a single authorized signer. For multiple signers, each needs their own certificate or use a shared eSigner account.

No: if you timestamp at signing time, the signature remains valid indefinitely even after the certificate expires.

Yes: eligible for 30-day unconditional refunds per SSL.com's refund policy.

Ready to get OV Code Signing?

Put your verified organization name on every installer: trusted on all Windows versions from day one.
Configure & Buy

Related Products

IV Code Signing

Individual Validated code signing: your verified personal name on the installer. No business entity required; the lowest-cost path to Authenticode signing for solo developers.
Learn more

EV Code Signing

Extended Validation code signing: immediate SmartScreen reputation benefit, kernel-mode driver signing eligibility, and the strongest verified publisher signal for registered organizations.
Learn more

eSigner for Code

Cloud HSM signing for CI/CD pipelines: no hardware token required. Works with OV certificates.

Learn more

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

For more information read our Cookie and privacy statement.

3rd Party Cookies

This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Show details
Powered by  GDPR Cookie Compliance