What is a Code Signing Certificate?

A Code Signing Certificate is a digital certificate that verifies the authenticity and integrity of software applications, scripts, and code. By signing their code, developers and organisations can assure users that the software is from a trusted source and has not been tampered with during transmission. The certificate binds the identity of the developer or organisation to the code, allowing users to verify that the software is legitimate and safe to install.

Who Needs a Code Signing Certificate?

1. Software Developers: Developers of desktop applications, mobile apps, and browser plugins use Code Signing Certificates to establish trust with users and prevent malicious tampering.
2. Enterprise Solutions: Companies that develop internal applications for employee use can sign their code to maintain security and confidence among their workforce.
3. Open-Source Projects: Open-source contributors can sign their code to assure users of the authenticity of their contributions and foster a trustworthy environment.
4. Web Developers: Web developers creating scripts or ActiveX controls may need to sign their code to avoid security warnings and enhance user confidence.
5. IT Departments: Organisations that distribute software internally or to clients can utilise Code Signing Certificates to ensure their software is trustworthy and secure.

Why Choose ACE for Code Signing Solutions?

At ACE, we understand the critical importance of trust and security in software distribution. Our Code Signing Certificates provide an added layer of assurance, allowing developers and organisations to establish their credibility in the digital landscape. With our commitment to exceptional service, we guide our clients through the process of obtaining and implementing Code Signing Certificates seamlessly.

Our team of experts is dedicated to ensuring that your software is protected and your reputation is upheld. By choosing ACE, you benefit from:

• Expert Guidance: Our knowledgeable team will assist you in selecting the right Code Signing Certificate that meets your specific needs.
• Timely Support: We pride ourselves on providing prompt support, ensuring you can focus on your development without unnecessary delays.
• Comprehensive Solutions: Beyond just Code Signing, ACE offers a suite of security solutions tailored to protect your digital assets.

With ACE as your partner, you can confidently navigate the complexities of software security and elevate the trustworthiness of your applications.

GlobalSign supports installing both Standard and EV Code Signing Certificates on physical HSMs (Hardware Security Modules) or cloud-based HSM services such as Azure Key Vault, AWS CloudHSM, Google KMS, HashiCorp Vault, among others.

Note: According to the new CAB Forum guidelines, from June 2023 onwards, private keys for Code Signing Certificates must be stored in HSMs compliant with FIPS 140 Level 2 or 3.

For more details on deployment options, feel free to contact us.

Note: USB tokens are not included in HSM or Key Vault deployments.

Multiple Platform Support

GlobalSign’s Code Signing Certificates support multiple platforms using the same certificate.

MS Authenticode
Adobe AIR
Apple
Mozilla & Netscape Objects
Macros & VBA
Java
Microsoft SignTool
Visual Studio

You can sign Windows Builds, Container Images, Kernel Drivers, Jar Files and a variety of other use cases with GlobalSign’s Code Signing Certificates.

Standard vs. EV Code Signing Certificates

Extended Validation (EV) Code Signing Certificates build upon the benefits of standard code signing certificates by offering a higher level of assurance regarding the accuracy and verification of the publisher’s identity.

The rigorous vetting process for EV Code Signing Certificates ensures that the publisher’s identity has been thoroughly validated. Furthermore, EV Code Signing Certificates are mandatory for accessing the Windows Hardware Developer Centre Dashboard Portal, where all kernel-mode drivers targeting Windows 10 (Build 1607 and later) must be signed.