Sectigo CODE Signing certificate
The Sectigo Code Signature Certificate works across a wide range of platforms. It is used for signing applications and thanks to OV validation (Organization Validation), customers can identify the author of the signed code after downloading the software from the Internet and be assured of obtaining original, trusted software. The signed application is protected against code changes during distribution to users. The integrity of the content is thus confirmed, otherwise the software would be marked as untrustworthy. We also offer several other Code Signing certificates for signing applications and code for developers and software companies.
If you are interested in a certificate installed on your own token that meets FIPS 140-2 level 2 certification and above, please contact us.
Company Code Signing certificate
The Sectigo CODE Signing certificate is a quality branded CODE certificate for digital code signing. The Sectigo CODE Signing certificate and its private key is delivered on a HW token meeting the newly set strict criteria for storing CODE signing certificates. The Harware token is sent directly by Sectigo certification authority. Please note that the CODE certificate cannot be exported from the token due to security requirements. We recommend setting rules and procedures for signing software and code in teams.
Features and Benefits of Sectigo CODE Signing certificates
Code Signing Certificate maintains code integrity and prevents the misuse of the SW company name to distribute counterfeit software or modify code.
Signed applications help increase download numbers and sales revenue. Increased trust helps expand distribution channels for your software.
Signed software protects customers from malware and other malicious threats. A digital signature protects and reassures customers that the integrity of the code they have downloaded is ensured and that the program is intact, not damaged, or altered in any way. Increased trust promotes better user perception of the application.
Once downloaded, the user is sure that the code obtained actually comes from you as the publisher, which ensures the company's reputation. Code Signing Certificates allow customers to identify the author of a digitally signed code, making sure the program is from the company that is expected.
The offered Code Signing certificates can be used for Windows, MacOS and iOS operating systems without any problems. All certification authorities work with companies such as Microsoft or Apple and follow their recommendations and policies for issuing certificates according to the CA/Browser Forum.
30 Days Money Back Guarantee
Customer experience is the first and foremost priority for us. The selected SSL certificate is not suitable for your needs? Do you want another one? Or do you just want to cancel the order? We offer 30 Days Money Back Guarantee for all our customers. Check out our Refund Policy to know more.
Sectigo CODE Signing certificate offers developers quality code security at a very competitive price from the world's leading certificate authority. This Sectigo CODE Signing certificate is the cheapest Code certificate in our offer.
More information about Sectigo CODE Signing
What you should know before you place an order.
Company Validated CODE certificate
The organization's legal identity and/or DBA (doing business as) must be verified
Verification of the applicant for a Code certificate is performed based on the OV validation standards (Organization Validation). The certification authority first verifies the existence of the company and the address, most often in the company register. Subsequently, the existence of a telephone number is verified. CA Sectigo primarily recognizes the D&B (Duns&Bradstreet) database. If the D&B database contains an old or missing phone number, the records must be updated. However, it takes approximately 15 days to update. An alternative is the public database at Kompass.com, where a free record can be retrieved within 2-3 business days.
Once all information has been verified, the Certification Authority emails CallBack a request with a link to a page where a convenient time to call or "Call me now" can be selected. An automated call is then made and a numeric code is communicated and entered into the form. The code can be played multiple times. If everything is in order, after final validation, the certificate is issued.
Entrepreneur Programmer (self-employed with ID)
Verification (validation) of an individual is more document intensive than for companies. CA Sectigo must verify the personal identity of the individual applicant. This is done by supplying documents confirming the address (e.g. bank statement, phone bill) + copies of personal documents. Next, the telephone number is verified, again in the D&B database, and if everything is in order, a final telephone verification follows.
More information on CODE certificate validation is available on sectigo.com: OV Code Signing Validation for Organizations and Individuals.
Note i: If you are an entrepreneur, check the validation requirements first.
How long it takes to get the Sectigo CODE Signing certificate
The Certificate Authority performs light business authentication
The Certification Authority verifies the organization's legal identity. If the certification authority has sufficient documentation and telephone verification is done, it takes 3 to 5+ days to issue the certificate. If the authority can not confirm the legal, operational and physical existence of the company, the verification time is extended.
Renewing your certificate
You need to renew Sectigo CODE Signing certificate before it expires
We recommend to start renewing an expiring SSL certificate approx. 30 days before it expires. Renewing a CODE certificate is practically like applying for a new one and is therefore no faster. If you need to continue signing on an expiring certificate, definitely don't leave renewal to the last minute.
You can renew your Sectigo CODE Signing certificate with us without any problem even if you originally ordered it from another supplier. We always have better prices than the certification authority!
The security guard in the Windows ecosystem
With a standard Code Signing certificate, the developer must build a reputation to avoid a warning screen. Once a reputation has been built, new versions of an application can be signed with the same certificate and maintain the same reputation. However, code signing certificates need to be renewed. SmartScreen does not relate a renewed certificate to an expired one. This means that reputations need to be rebuilt every new CODE Signing certificate.
If the goal is to avoid SmartScreen, the only solution is to order an EV Code signing certificate.
For more information see What is Windows SmartScreen?
Time Stamping Server
Time Stamp Server & Stamping Protocols for Code Signing
Sectigo time stamping server information for using Code certificates: time stamping server help.
RFC3161 compliant Time Stamp Authority (TSA) server: http://timestamp.sectigo.com