A code signing certificate is a digital certificate used to sign software, scripts, or executables.
These certificates are commonly used in software distribution to provide trust and assurance to users, confirming that the software they are downloading or installing is legitimate and has not been modified by malicious actors.
In compliance with CA/B Forum changes to certificate validity, we no longer issue 2-year or 3-year Code Signing Certificates. Only 1-year (366-day) Code Signing Certificates are now available. Learn more HERE.
Organization Validation (OV)
Provides verification of the publishers identity ensuring the software comes from a legitimate source, protecting against unauthorized code distribution.
Displays publishers name in the operating system providing reassurance of the software's code.
Supports timestamping which ensures long-term validation of your code and maintains trust in the software overtime.
Extended Validation (EV)
Offer the highest level of security and undergoes a rigorous validation process, ensuring the highest level of trust.
Displays the software publisher name and other visual indicators during the installation process, reducing installation warnings or security prompts.
Supports timestamping which ensures long-term validation of your code and maintains trust in the software overtime.
Optimize Your Security with GlobalSign: Top Code Signing Applications
-
Code Signing Certificates to secure your executable files
Secure your executables to prevent unauthorized modifications and ensure the integrity of your software. Choose between Standard and Extended Validation (EV) certificates to meet your security needs and protect your software applications and DevOps pipelines.
-
Signing container images using GlobalSign Certificates and Azure Key Vault
Sign and verify container images using a Code Signing Certificate issued by GlobalSign via Azure Key Vault. This helps identify, authorize, and validate the identity of both the publisher of the container image and the container image itself.
-
Code Signing Certificates issued using Azure Key-Vault and Azure Signtool
Code Signing certificates ensure the security, integrity, and trustworthiness of software deployed and managed in Microsoft Azure environments. They help protect against unauthorized code modification, mitigate security risks, and build trust with users and customers.
-
Code Signing Certificates issued using AWS CloudHSM
Code Signing certificates can be used to securely sign Windows drivers and builds, leveraging dedicated HSMs for key management and cryptographic operations, thereby enhancing their trustworthiness and ensuring security.
Digitally Sign Across Multiple Platforms with One Certificate
Certificate Validity Changes: Frequently Asked Questions
Can we still purchase 1, 2 and 3 Year validity certificates up until the deadline?
No, the last date to order 2 and 3 year validity certificates was the 26th December 2025. Any newly issued certificate after the 26th December 2025 will be a 1 year (366 day) certificate.
If 3 year certificates are no longer allowed, what date did you stop issuing them?
26th December 2025.
When will 2 year certificates stop being issued?
26th December 2025, along with 3 year certificates.
What date will GlobalSign move to issuing only 366-day certificates?
We are only issuing 1 year (366 day) certificates now.
Under what circumstances will customers be able to get up to 460 day certificates?
This applies only when customers return for renewals, as we offer a renewal bonus and carry forward the remaining validity of the previous certificate. Note: 460 days is not a standard validity period, but the maximum allowed for a certificate.
Where can I read more about these changes?
Please refer to our blog for more information on this: https://www.globalsign.com/en/blog/code-signing-validity-changes
You can sign Windows Builds, Container Images, Kernel Drivers, Jar Files and a variety of other use cases with GlobalSign’s Code Signing Certificates.
Compliance Requirements for Code Signing Certificates
GlobalSign understands heightened concerns around securing codes and code signing processes at your company. Our key storage options include Token or HSM implementation (HSM's are not provided):
- Compliance with industry standards which require the strongest key protection possible, i.e. FIPS 140 Level 2 or Common Criteria EAL 4+ compliant.
- GlobalSign Code Signing Certificates are automatically shipped with a standards-compliant cryptographic USB token (HSM implementation option is available if selected at checkout).
- Azure Key Vault HSM compatibility.
