Microsoft Authenticode Code Signing Certificates

Benefits of choosing a Qualified Trust Service Provider (QTSP) like GlobalSign

  • - Show your Microsoft applications and kernel software are from a trusted developer
  • - GlobalSign Code Signing Certificates for Microsoft Authenticode are used to sign 32 and 64 bit files including .exe, .cab, .dll, .ocx, .msi, .xpi, .xap, ActiveX controls, and kernel software
  • - Signing your Windows files and applications binds your identity to them, protects them from tampering, and can help prevent users from abandoning the installation process by removing alarming security messages that accompany unsigned code
  • - When you sign Microsoft Authenticode with a digital certificate, users know that the plug-ins, software, and code they are downloading is coming from a trusted source. Authenticate your identity, and eliminate error messages that warn against downloading malicious code with code signing certificates from GlobalSign.

Why Sign Code?

Not Signed

When Microsoft client applications such as Internet Explorer,Exchange, Outlook and Outlook Express encounter unsigned executable, the end user is alerted with a security warning stating "This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers you trust."


Windows applications and executable that have been signed with a Code Signing certificate display the publisher's name, making it easy for the end user to identify them as a trustworthy source and proceed with the download.

Features & Benefits

  • Removes "Unknown Publisher" security warnings when code is downloaded
  • Signature does not expire due to timestamping service, even after the certificate expires
  • Choose the private key storage option that works best for you - a GlobalSign-provided cryptographic token, your own HSM, or Azure Key Vault
  • Sign an unlimited number of apps
  • Protect your brand and reputation
  Standard Code Signing Certificates Extended Validation (EV) Code Signing Certificates
Certificate Features
Information displayed in Certificate Organization Name Organization Name
Organization address
Type of Organization
Removes "unknown publisher" security warnings
Signature does not expire when Time Stamping is applied Time stamping available & recommended Time stamping available & recommended
Sign an unlimited number of applications
Compatible with major platforms (Authenticode, Office VBA, Java, Adobe AIR, Mac OS, Mozilla)
Key storage options

You have a choice of storing keys on a token or HSM, not provided by GlobalSign.


Token options (choose “Token Implementation” at checkout):
- Cryptographic USB token^
- Other hardware storage token
- SD card or USB token


HSM options (choose “HSM Implementation” at checkout):
- HSM*
- Azure Key Vault

By default, a cryptographic USB token is included with EV Code Signing Certificates.


If you’d prefer, EV Code Signing Certificates can be stored on an HSM* or Azure Key Vault (provided by customer). Please select the “HSM Implementation” option at checkout.

Immediate reputation with Microsoft SmartScreen No
  Buy Now Buy Now Learn More

*GlobalSign allows standard and EV Code Signing Certificates to be installed on customer HSMs or in Azure Key Vault. Contact us for more information about these deployment options.
^USB token not included in HSM or Key Vault deployments.