sales@ssltrust.co.nz

Code Signing Certificates

Protect Your Code with an Application Signing Certificate

Code Signing Certificates (also known as Application Signing Certificates and Digital Signing Certificates) allow you to add your digital signature to applications, drivers, executables, and other key files. This gives reassurance to anyone downloading or receiving the file that it is safe and has not been tampered with.

Importantly, Code Signing Certificates eliminate browser warnings when someone tries to download executables or other files from your server, making them invaluable if you are in the business of distributing software or code. Browse our range of top-quality options with prices starting from $/yr.

Need a quick option? Our Verokey secure code signing certificate provides an affordable and reliable way to ensure code integrity and can be issued within just 1-3 days.

Our Top Code Signing Certificates

Validations

Prices

	Lowest Price	Secures	Validation	Provisioning	Smart Screen	Issuance Time
VerokeySecure Code Individual or Business	$ / yr $ Saved	Code & App Signing	Business OV	USB Token HSM		1-3 Days Instant	Buy Now
VerokeyHigh Assurance Secure Code Rapid Smartscreen Reputation Top Recommendation	$ / yr $ Saved	Code & App Signing	Extended Business EV	USB Token HSM		1-5 Days Instant	Buy Now
SectigoCode Signing	$ / yr $ Saved	Code & App Signing	Business OV	USB Token		3-5 Days	Buy Now
SectigoEV Code Signing Certificate Rapid SmartScreen Reputation	$ / yr $ Saved	Code & App Signing	Extended Business EV	USB Token		3-7 Days	Buy Now
DigiCertCode Signing Certificate Individual or Business	$ / yr $ Saved	Code & App Signing	Business OV	USB Token HSM		1-3 Days Instant	Buy Now
DigiCertEV Code Signing Certificate Rapid Smartscreen Reputation	$ / yr $ Saved	Code & App Signing	Extended Business EV	USB Token HSM		1-5 Days Instant	Buy Now

Not sure which one?

Try our new SSL Selector to get the right Certificate for your requirements...

Product Descriptions

Verokey Secure Code

Lowest price gurantee, starting as low as $ /yr

Verokey Secure Code is an essential solution for developers looking to protect their software from tampering and ensure a trusted user experience. Built on DigiCert’s trusted root, this code signing certificate verifies your identity as a publisher and prevents "unknown publisher" warnings. Offering strong encryption, universal platform compatibility, and seamless integration with Windows, macOS, Java, and more, it’s an affordable and efficient way to maintain software integrity while streamlining installation processes for end users.

Top Recommendation

Verokey High Assurance Secure Code

Lowest price gurantee, starting as low as $ /yr

Verokey High Assurance Secure Code is an Extended Validation (EV) Code Signing certificate designed to provide the highest level of trust and security for software publishers. With EV validation, your organisation’s identity is fully verified, helping to eliminate Microsoft SmartScreen warnings and increase user confidence. Ideal for developers and software companies that require enhanced reputation and security, this certificate ensures a smooth installation process while protecting against code tampering and malware distribution.

Sectigo Code Signing

Lowest price gurantee, starting as low as $ /yr

Sectigo Code Signing is a cost-effective solution for developers and businesses that need to authenticate and protect their software. By digitally signing your applications, it assures users that your code is safe to install and has not been altered by third parties. Compatible with major platforms like Windows, macOS, and Java, it helps prevent security warnings while improving software adoption rates. With a simple validation process and strong encryption, this certificate is perfect for individual developers and small businesses.

Sectigo EV Code Signing Certificate

Lowest price gurantee, starting as low as $ /yr

Sectigo EV Code Signing offers the highest level of software security by displaying your verified organisation details and removing Microsoft SmartScreen warnings. This certificate ensures a seamless installation experience for users while protecting your code from tampering and malware injection. Ideal for software publishers and enterprises, it enhances trust, prevents security alerts, and complies with industry best practices for digital signatures across all major operating systems.

DigiCert Code Signing Certificate

Lowest price gurantee, starting as low as $ /yr

DigiCert Code Signing is a premium certificate trusted by major software developers and enterprises worldwide. With its strong encryption and publisher identity verification, it prevents "unknown publisher" warnings and enhances software credibility. Compatible with all major platforms, including Windows, macOS, Java, and Adobe AIR, it ensures your software remains protected against tampering while maintaining seamless distribution and user trust.

DigiCert EV Code Signing Certificate

Lowest price gurantee, starting as low as $ /yr

DigiCert EV Code Signing provides maximum security and reputation protection for software publishers. Featuring Extended Validation, this certificate removes Microsoft SmartScreen warnings, helping improve download rates and user confidence. With hardware token storage for added security, strong encryption, and full compatibility with Windows, macOS, and Java, it is the go-to solution for businesses that need the highest level of assurance and protection for their applications.

Do you need to Sign your Code?

Code Signing Increases User Trust

Instill trust in your applications, drivers, executables, and software programs using a Code Signing Certificate. By digitally signing your code, you assure end-users that unauthorised parties have not tampered with or compromised the software.

This helps alleviate untrusted developer warnings, enhance user confidence and minimise potential security concerns. These digital certificates include your signature, company name, and, optionally, a timestamp, reinforcing trust and credibility.

Safeguard Your Intellectual Property: Code signing certificates offer robust protection, enabling customers to verify the authenticity of their code and detect any unauthorised alterations. This safeguards both parties against fraud, malware, and theft, ensuring the integrity of your intellectual property.
Enhance User Experience: Digitally signed programs can bypass warning messages during download and installation, ensuring a seamless user experience and encouraging greater adoption of your software. Smooth and professional software installation is crucial for user satisfaction.
Streamlined Monitoring and Enforcement: Digitally signing code streamlines monitoring processes, making identifying any modifications to files simple. Additionally, code signed with a timestamp assures users that the code was authenticated with a valid certificate, reinforcing trust and reliability beyond the certificate’s expiration.
Compliance with Platform Requirements: Partners, channels, and platforms distributing your software prioritise data security. Signing your software demonstrates a commitment to protecting their customers’ data, meeting contractual obligations, and maintaining trust in your products and services.

Why EV Code Signing?

Extended Validation for Added Trust

Extended Validation (EV) Code Signing Certificates surpass the standard code signing certificate, undergoing rigorous vetting and adhering to strict hardware security standards. This assures users of your applications’ utmost integrity and authenticity, reducing or eliminating untrusted developer warnings during installation and fostering greater confidence in your software products.

Windows Smart Screen Defender

By acquiring an EV Code Signing Certificate, you can build trusted status faster on the Microsoft Defender SmartScreen® Reputation filter, effectively minimising warning messages and enhancing both brand reputation and end-user trust.

What comes with your Certificate?

Code Signing Features and Benefits

Code Signing Certificates offer versatile solutions for various scenarios. Our certificates encompass standard features, while the EV range provides additional heightened security and authenticity options.

Enhanced Security with Two-Factor Authentication

Your private key is securely stored on a USB device provided upon certificate purchase. Only those with physical access to the device can utilise your EV code signing certificate, ensuring reinforced authentication and heightened security.

Extended Validity with Time-Sensitive Signing

Opting for a timestamp ensures your unique digital signature remains valid even after the original EV code signing certificate expires. This feature extends the lifespan of your signature, eliminating the need for frequent re-signing when certificates expire.

Trusted Status on Microsoft Defender SmartScreen

With an EV Code Signing Certificate, you can attain trusted status faster on the Microsoft Defender SmartScreen® Reputation filter, minimising warning messages and bolstering brand reputation and end-user confidence.

Hardware Security Module Support

Verokey and DigiCert Code Signing Certificates are compatible with Hardware Security Modules (HSMs), granting greater control over certificates and private keys. Authorised personnel within your organisation can utilise the stored certificate for code-signing purposes.

Seamless Platform Compatibility

Enjoy universal compatibility across platforms without the need for certificate re-issuance. Whether for Authenticode, Kernel Mode, or other platforms, your Code Signing Certificate remains versatile and practical.

How Code Signing Works

After writing your code, using cryptographic techniques, you will apply your certificate, creating a digital signature ready for distribution. When users run the software, their system verifies the digital signature against the embedded certificate. If valid, the code is deemed authentic and safe to execute.

Code Signing Process

Original Code Hash

Your code will be read, and a Hash Digest will be created, unique to your code.

Encrypting the Hash

Using your Private Key, the Hash Digest will be encrypted. This encrypted Hash and a signature block will be added to your software.

Certificate and Timestamp Added

The public Certificate and a Timestamp will also be added to your software.

Code Verification Process

Original Code Hash

The user’s system will read the code and generate a new Hash Digest.

Decrypt Included Hash

The Encrypted Hash Digest will be decrypted using your Certificate, and it will be checked to see if it matches the newly generated Hash Digest.

Timestamp Checked

The timestamp will be checked to verify the valid Certificate used at the time of signing.

What our Customers say...

We are committed to providing unparalleled customer service and ensuring our customers consistently receive the utmost quality experience.

Avrohom Zeffren.

Avrohom Zeffren

We've been using SSLTrust for a few years now and it's been such a pleasant experience.We have a pretty unique setup and we need help from customer service every so often for our multiple certificates. Paul has been extremely helpful and responsive.I highly recommend their services!

Trevor Hart.

Very happy with the service from SSLTrust! I had to organise a code signing certificate with a hardware token. Having somewhere local made the process much smoother for verification. Support is also very quick to answer which is a great change!

Code Signing Experts are ready to help.

Don’t hesitate to contact us for comprehensive support with any Digital Certificate inquiries. Our team can assist you through email, live chat, or a quick phone call!

Paul Baka
SSLTrust Account Manager
Paul is considered to be SSLTrust's leading Cyber Security Expert and most knowledgeable on SSL/TLS Certificates and PKI Solutions.
Jeremy Schatten
SSL/TLS Platform Expert
Jeremy is our expert when it comes to installing any SSL Certificate and configuring a system to best security practices.

Frequently Asked Questions

: A code signing certificate serves to authenticate the source and integrity of software code. It digitally signs the code, verifying the software developer or publisher’s identity and ensuring that the code has not been tampered with since it was signed. This process helps users trust the software they download, as they can verify its authenticity and know malicious parties haven’t altered it.
: To obtain a code signing certificate, follow these general steps:
Choose a Certificate Authority (CA): Select a reputable CA that offers code signing certificates.
Submit the Configuration: Submit the order configuration to the chosen CA and any required validation documentation.
Complete Validation: The CA will verify your identity and organisation details through various methods, such as individual or organisation validation.
Receive the Certificate: The CA will issue the code signing certificate once validated. If it is to be on a USB Token, it will be shipped to you.
Sign Your Code: Use the certificate to sign your software code before digital distribution.
Distribute Your Signed Code: Distribute your signed code along with the certificate, allowing users to verify its authenticity when they install or run the software.
It's important to note that the specific steps may vary slightly depending on the CA and the code signing tool you're using.
: Technically, you can create your code-signing certificate using tools like OpenSSL, which allows you to generate a self-signed certificate.
However, self-signed certificates are not trusted by default by most operating systems and software platforms. When you sign code with a self-signed certificate, users will typically receive security warnings or errors when attempting to run or install the software, as the certificate cannot be verified by a trusted Certificate Authority (CA).
For code signing certificates to be widely trusted and practical, they should be issued by a trusted CA. This involves a validation process where the CA verifies your identity and organisation details before issuing the certificate. This ensures that the certificate is trusted by operating systems and software platforms, reducing the likelihood of an unknown publisher warning or error.
Therefore, while you can technically create your own code signing certificate, obtaining one from a trusted CA is recommended to ensure widespread trust and compatibility with users’ systems.
: The main difference between a TLS (Transport Layer Security) certificate and a code signing certificate lies in their purpose and usage:
TLS Certificate:
Purpose: TLS certificates secure data transmitted over a network, typically between a web server and a web browser. They encrypt communication to ensure privacy and integrity.
Usage: TLS certificates are typically used for securing websites (HTTPS), email servers (SMTP, IMAP, POP), virtual private networks (VPNs), and other network protocols.
Code Signing Certificate:
Purpose: Code signing certificates digitally sign software code or scripts. They verify the authenticity and integrity of the code, assuring users that it comes from a trusted source and has not been tampered with.
Usage: Code signing certificates are commonly used by software developers and publishers to sign executable files, installers, scripts, and other types of code. This allows users to verify the identity of the software publisher and ensure that malicious actors have not modified the code.
In summary, TLS certificates are primarily used to secure data transmitted over a network, while code signing certificates are used to verify the authenticity and integrity of software code.