What is a Code Signing Certificate?
A Code Signing Certificate is a digital certificate that contains information that fully identities an entity and is issued by a Certificate Authority such as GlobalSign. The Digital Certificate binds the identity of an individual or entity to a public key that is mathematically related to a private key pair. The use of private and public key systems is called Public Key Infrastructure (PKI). The developer signs code with its private key and the end user uses the developer’s public key to verify the developers identity. Learn more about Code Signing and the differences between signed and unsigned code.
Code Signing For Software Vendors and Organizations
GlobalSign Code Signing Certificates are used by developers on all platforms to digitally sign the applications and software they distribute over the Internet. Code Signing essentially provides the same assurance as a shrink wrapped CD as the signed code includes the name of the publisher and assurance that the code hasn't been tampered with since being published. Anyone downloading software off of the internet can make a decision whether or not to trust the software.
Code Signing Certificates use a unique cryptographic hash to bind the identity of the publisher to the software. Security warnings that appear with unsigned code are replaced with notifications containing the software publisher's information, preventing users from abandoning the install and increasing download rates. Signing code adds an essential layer of trust to the installation process.
Code Signing proves the signed software is legitimate, comes from a known software vendor, and that the code has not been tampered with since being published. Code Signing prevents users abandoning the installation of an application due to security warning messages, malicious alternation of legitimate code, and identity theft of vendor author.
|Standard Code Signing Certificates||Extended Validation (EV) Code Signing Certificates|
|Information displayed in Certificate||Organization Name||Organization Name
Type of Organization
|Removes "unknown publisher" security warnings|
|Signature does not expire when Time Stamping is applied||Time stamping mandatory|
|Sign an unlimited number of applications|
|Compatible with major platforms (Authenticode, Office VBA, Java, Adobe AIR, Mac OS, Mozilla)|
|Certificate stored on hardware token||No|
|Immediate reputation with Microsoft SmartScreen||No|
|Buy Now||Buy Now|
Standard vs. EV Code Signing Certificates
EV Code Signing certificates build on the existing benefits of standard Code Signing certificates to offer stronger levels of assurance that the identity of the publisher is correct and has been verified.
- Strict vetting process assures end users that the identity of the publisher has been verified
- Certificate stored on USB token reduces the risk that the certificate will be stolen or compromised
- Immediate reputation with Microsoft SmartScreen Filter removes scary warning messages to end users that the application might be malicious
Multiple Platform Support
GlobalSign Code Signing Certificates support multiple platforms using the same certificate.
Digitally sign Windows 32 and 64 bit files including .exe, .cab, .dll, .ocx, .msi, .xpi, and .xap, ActiveX controls, and kernel software.
Establish instant reputation with Microsoft SmartScreen by signing your applications with an EV Code Signing Certificate.
Adobe AIR usage
Digitally sign Adobe AIR applications. Adobe requires all AIR applications to be digitally signed in order to run successfully.
Digitally sign applications, plug-ins and content for Mac OS desktops.
Mozilla & Netscape Objects
Digitally sign Mozilla and legacy Netscape Object files.
MS Office & VBA
Digitally sign macros and Visual Basic Applications (VBA). Compatible with Microsoft Office and other applications using VBA.
Digitally sign .jar files and Java applications for desktop and mobile devices. Recognized by Java Runtime Environment (JRE).