A new generation of code signing certificate that allows developers and software companies to add a digital signature to an application distributed over the Internet and increase the security of certificate use. Any change in the signed application code is detected and the application will become untrustworthy. The new generation of Code Signing certificates secures code signing by using a hardware token, making certificate theft or misuse impossible.
- Pricefrom $630
- Validity1-3 years
- Secures Desktop and smartphone apps
- Compatible w/all major browsers
- Public key algorithm RSA
- Symmetric encryption256 bit
- Public key length3.072/4.096 bits
- Root CADigiCert Global Root
- Money-back guarantee30 days
- Certificate reissuefree and unlimited
- Multi-domain support (SAN)N/A
- Private key on tokenYES
Recommended certificate use
The certificate is used by leading software companies which, besides the digital signature of their application, require the highest digital signing security. A new generation of Code Signing certificates is useful when hackers would compromise your application authenticity and spread malware instead of genuine software.
What does Extended Signature (EV) signing for Code Signing mean?
Many of the large and well-known software manufacturers face hackers’ attempts to exploit their applications and spread malicious code under their name. A common problem is Code Signing certificate theft along with its private key. Then the hacker gets the chance to sign his malicious code with the manufacturer's certificate and gain end users’ trust.
The next-generation Code Signing EV certificate brings you the possibility to sign the code using a hardware token, which increases the certificate’s security to a new level. You do not need to worry about certificate misuse, even when a hacker steals the token; he could not use it. Theft of a private key usually means a certificate’s complete compromise, but not in the case of Code Signing EV certificates.
Code Signing EV guarantees you 100% trust in the SmartScreen Filter, which is a part of Windows. A common signature could be untrustworthy because SmartScreen assesses the signature's credibility by many other criteria. With the Code Signing EV certificate you can be sure that this does not happen.
Importance of EV Code Signing for Apps
The EV code signature is a revolutionary innovation for all application developers. The signature helps users trust applications and prevents the program from being blocked by the Windows Smartscreen Filter .
An application signed with EV Code Signing will never be blocked by SmartScreen.
Even if SmartScreen does not know the application, it could not be blocked. SmartScreen is able to block an application signed with a common Code Signing certificate if it does not have a good reputation and many downloads.
The second big advantage is a higher security of use. The certificate and its private key are stored on the HW token that you receive from the certification authority.
Storing keys on the HW token protects the certificate from misuse . You do not have to keep it on your computer and risk its theft. Both the certificate and the private key are stored on the HW token and you need a password to use it. Any thief would have to steal not only the HW token physically, but also know your password to use it.
You need the HW token every time you make a signature. When signing the application, the HW token service application asks for the password to unlock the private key and your application will be signed. You do not have to store the certificate on your computer and even if the token is stolen, the private key is password protected and the token will be blocked if the wrong password is given several times. This prevents the password from being broken by a dictionary attack.
Code Signing EV certificate and its signature delivers greater security of use, trusted signature, and protect certificate owner against theft and misuse of the certificate.The Code Signing EV certificate delivers greater security of use, a trusted signature, and protect certificate owner against theft and misuse of the certificate.
DigiCert Code Signing EV price list
You can use the certificate on all development platforms because it is universal. An application signed with the Code Signing EV certificate is always guaranteed to be trusted in the Windows SmartScreen filter.
- CA sells it for: $699
- Huge savings over the CA price
- CA sells it for: $1328
- Huge savings over the CA price
- Lower price per year than 1-year
- CA sells it for: $1992
- Huge savings over the CA price
- Lower price per year than 2-year
Prices are without VAT.
The certificate signature in the system
When you start the application signed by DigiCert Code Signing EV certificate, you see the initial executed fil information. The user trusts the application because there is a digital signature from the software manufacturer. In the details of the signature, the customer can find out the date of application signing, details about the certification authority, etc.
Choose the DigiCert Code Signing EV certificate for your application and platform.
The certificate is intended for signing .exe, .cab, .dll, .ocx, .msi, .xpi, and .xap files. It is required for Microsoft Windows Logo certification.
Certificate designed for Java applications for desktop and mobile devices. Signs .jar files and is compatible with the Java Runtime Environment (JRE).
Microsoft® Office and VBA
The certificate is intended for signing VBA objects and macros. Suitable for Microsoft Office and third-party VBA applications.
Digitally signs .air or .airi files. Necessary for all AIR-based applications.
The certificate for signing .apk files for Android.
Microsoft Windows Phone
Digitally signs the code for Windows Phone and Xbox 360. Signing is required to publish the application to the Microsoft App Hub.
Digitally signs the code for BREW platform.
FAQ - Frequently Asked Questions
Why is the certificate saved on a token?
Do I need a token to sign? Is it possible to export and use a certificate without a token?
What are the requirements for signing with a Code Signing certificate?
What platforms can the Code Signing certificate be used for?
From the perspective of the development environment, it again does not matter - the Code Signing certificate will work with any development environment that supports application and code signing. Windows typically uses Signtool, which is a part of the Windows SDK.
The only exception is with the Code Signing EV certificate - this type of certificate needs the Safenet support application for signing, which is available for Windows, Linux, and MacOS.