Don’t let software signing mistakes ruin your next application project. Discover how to fix nine of the most common errors faced by software developers and publishers to avoid shipping vulnerable products We all make mistakes — we’re human, after all. However, sometimes oversights can have…
Blogging About Everything Software Security – Threats, Updates, Best Practices, Tips, & More
Software touches the everyday lives of billions of people around the world. They rely on us (the software industry) to deliver dependable, safe applications for them to use. This blog is dedicated to working together to do our part to make the (software) world a better place…one piece of software at a time!
F4baaa8135e0f9a993f0258a4d095db475096896bd3adb48369f1f70c1f0d9d4. Wondering what that is? It’s the file hash for VLC for Windows. Explore the meaning behind gibberish strings like this that are used by many but known by few In 2021, IBM reports that organizations took an…
Have you published or downloaded code today? Did you know that 79.1% of the malware samples reported to Spamhaus in October 2022 were infected .exe files? Discover the potential consequences of releasing or downloading unsigned codes. Find out…
In 3Q 2022, IBM’s software segment alone took home $5.8 billion in revenue. Did their focus on marketing contribute to its success? It surely did. Discover 19 breakthrough marketing ideas for software companies that’ll help you propel your business’s…
53% of consumers say they’ll only buy from companies that are known for protecting customers’ data. Discover how to develop, maintain and operate trustworthy web applications. Toughen up your internal and external apps against attacks while balancing…
In 2021, the average public SaaS company had around 36,000 customers. What about your organization? If you’re interested in increasing the number of customers coming through your virtual door, you’ll need to implement powerful lead generation strategies…
Despite the glooming global economic outlook for 2023, Gartner’s gurus are forecasting $195 billion in end-user spending on SaaS. That represents a 16.8% year-over-year growth. Want a slice of the pie? Discover nine unbeatable SaaS marketing tips that’ll help you…
Local file inclusion (LFI), structured query language injection (SQLi), and cross-site scripting (XSS) — these three attack vectors were used in the majority of the 9+ billion web applications and API attacks in the first half of 2022.…
Observing software development best practices is crucial when your project is the next version of an existing application that has thousands or millions of users. You may not be aware that most projects are written using…
Tactics Cybercriminals Use to Hide or Mask Their Identity Cyber predators and cybercriminals aren’t like bad guys in movies and cartoons. They don’t go around on the internet with a flashing sign above them announcing, “I’m…
Digital Identity Helps You Stay Safe on the Web Whenever people think about digital identity in terms of online security, their thought process typically revolves around ways to protect your own digital identity. And that makes…
How to Talk to Your Kids & Teens About Cyber Threats Starting a conversation about internet safety isn’t easy and comes with many challenges. How early should you start talking to them about predators and cyberbullying?…
The “How Tos” of Internet Safety for Kids & Teens Kids and teenagers today are typically thought of as “digital natives.” They were born a decade or two after the modern internet era began with America Online’s monthly…
Internet Safety Tips for Parents & Teachers With the help of Detective Cronister and Professor Kshetri, we’ve put together a list of internet safety tips you can use to help keep kids and teens safe in…
Educational Resources Although we’ve already given you a lot of tips and other information to consider, we’re not done yet. Below, you’ll find a list of additional resources that you can use to educate yourself and…
Parents and teachers: Are you looking for a great list of downloadable resources that you can give out to children and teenagers? Then look no further. These helpful cheat sheets will provide them with some quick…
New users – if this is your first time purchasing a cloud signing product from us, check the email address entered during enrollment for a message from DigiCert. Create your password and follow this guide.
Existing users – if you’ve purchased a cloud signing certificate in this account before, you already have an account. We’ve update your DigiCert CertCentral account to allow another Code Signing Certificate request. Login to your account here.
suspension note
In order to comply with U.S. export control and economic sanctions laws and regulations, as well as our corporate policies, we do not support users accessing our applications from Cuba, Iran, North Korea, Syria, and the regions of Crimea, Donetsk People’s Republic (DNR) and Luhansk People’s Republic (LNR) of Ukraine without prior approval from the U.S. government.
Please be aware that these restrictions apply even when a user is on temporary travel to embargoed regions although the user may not normally reside there. If you believe that you have reached this page in error, please reach out to support.
Code Signing Certificate Delivery Options
Industry standards set by the CA/B Forum now require that all code signing certificate keys be stored on a FIPS-compliant hardware security module (HSM) or hardware token. This is an industry-wide countermeasure against the rise in breaches associated with stolen signing keys. Only certificates that follow these requirements will be trusted by Microsoft Windows and other platforms.
We offer several options to deliver your code signing certificate in compliance with these new requirements:
Easiest Option: Token + Shipping
This is the simplest option and what we recommend for most customers. DigiCert will ship a USB eToken to you, then you’ll use DigiCert’s provided software to download and install the certificate onto your USB Token.
You’ll be able to plug the USB token into your computer or server then sign files using your preferred tool (eg. SignTool.exe, JarSigner, etc.)
Use an Existing Token
If you already own a compatible USB eToken (SafeNet 5110 CC, SafeNet 5110 FIPS, or SafeNet 5110+ FIPS), you can use DigiCert’s provided software to download and install the certificate onto your USB token.
Advanced Option: Install on a Hardware Security Module (HSM)
If you use a cloud or on-prem hardware security module (HSM), you can choose this option to download and install your certificate onto your HSM. DigiCert will send you an email asking you to confirm that your HSM meets the security standards, then they’ll deliver the certificate to you digitally for installation.
Any FIPS 140 Level 2, Common Criteria EAL 4+, or equivalent HSM is compatible for this option. You can use an HSM you manage directly or you may use a key storage/vault solution that uses a compliant HSM (for example, Azure Key Vault or AWS KMS).
Code Signing Certificate Delivery Options
Industry standards set by the CA/B Forum now require that all code signing certificate keys be stored on a FIPS-compliant hardware security module (HSM) or hardware token. This is an industry-wide countermeasure against the rise in breaches associated with stolen signing keys. Only certificates that follow these requirements will be trusted by Microsoft Windows and other platforms.
We offer several options to deliver your code signing certificate in compliance with these new requirements:
Easiest Option: Get your certificate shipped from Sectigo on a USB token
This is the simplest option and what we recommend for most customers. Just choose one of these options to have your code signing certificate and key shipped to you on a FIPS-compliant eToken (USB token):
Delivery Option
Shipping Details
USB Token + Shipping (US)
Ground shipping to addresses within the United States.
USB Token + Expedited Shipping (US)
Air express shipping to addresses within the United States.
USB Token + International Shipping (non-US)
Choose this option if your shipping address is not in the United States.
You’ll be able to plug the USB token into your computer or server then sign files using your preferred tool (eg. SignTool.exe, JarSigner, etc.)
Advanced Option: Install on your own HSM or hardware token
If you already own a compliant token or HSM, you can choose this option to download and install the certificate onto your supported device:
Luna Network Attached HSM V7.x
YubiKey 5 FIPS Series
Only the listed models are compatible. For compatibility with other HSM models, please choose a DigiCert or GoGetSSL code signing certificate.
Code Signing Certificate Delivery Options
Industry standards set by the CA/B Forum now require that all code signing certificate keys be stored on a FIPS-compliant hardware security module (HSM) or hardware token. This is an industry-wide countermeasure against the rise in breaches associated with stolen signing keys. Only certificates that follow these requirements will be trusted by Microsoft Windows and other platforms.
We offer several options to deliver your code signing certificate in compliance with these new requirements:
Easiest Option: Get your certificate shipped from Comodo CA on a USB token
This is the simplest option and what we recommend for most customers. Just choose one of these options to have your code signing certificate and key shipped to you on a FIPS-compliant eToken (USB token):
Delivery Option
Shipping Details
USB Token + Shipping (US)
Ground shipping to addresses within the United States.
USB Token + Expedited Shipping (US)
Air express shipping to addresses within the United States.
USB Token + International Shipping (non-US)
Choose this option if your shipping address is not in the United States.
You’ll be able to plug the USB token into your computer or server then sign files using your preferred tool (eg. SignTool.exe, JarSigner, etc.)
Advanced Option: Install on your own HSM or hardware token
If you already own a compliant token or HSM, you can choose “Install on Existing HSM” to download and install the certificate onto your supported device:
Luna Network Attached HSM V7.x
YubiKey 5 FIPS Series
Only the listed models are compatible. For compatibility with other HSM models, please choose a DigiCert or GoGetSSL code signing certificate.