How to Set Up and Use GoGetSSL Cloud Signing

Follow these steps to set up and use GoGetSSL Cloud Signing, powered by DigiCert. Note that GoGetSSL certificates are issued by DigiCert and your code signing certificate and signing key will be securely stored in the DigiCert KeyLocker platform.

Step 1: Request & Validate Certificate

After placing your order for GoGetSSL Cloud Signing, one of our support engineers will review your order and initiate the setup process. You’ll then need to follow these steps:

1. Wait for an email from DigiCert to complete your access to CertCentral. Use the link provided in the email to log in to your DigiCert CertCentral account.

2. In your DigiCert CertCentral account, go to Settings > Preferences, then expand the “Advanced settings” section. Under “Code signing and EV code signing certificate settings”, check the box to enable DigiCert KeyLocker. We also suggest setting KeyLocker as the default provisioning option:

3. From your dashboard, please click the “Request Certificate” button on top and select the product that matches the GoGetSSL Cloud Signing product you ordered, either:

• Code Signing
• EV Code Signing

4. Make the following selections:

• Validity period: should match the GoGetSSL Cloud Signing product you ordered (1, 2, or 3 years)
• Organization: be sure the information matches your legally registered organization/entity details
• Provisioning Options: select “DigiCert KeyLocker (cloud HSM)”

5. Please check your email account for a verification email sent by Digicert to approve the order. The email is sent from the email address [email protected]. Review and approve the order using the link in the email.

6. After you have completed the steps above the organization you will be using on the certificate needs to be validated. For more details about this process, see our validation guides:

• DigiCert Standard/OV Validation Guide
• DigiCert EV Validation Guide

Feel free to contact our support team if you have any questions during the validation process!

Step 2: Set Up KeyLocker

After the validation of the organization has been completed and the certificate is issued, follow these steps to start using your new code signing certificate:

1. You will receive another email from Digicert with access to your Keylocker platform. Use the provided link to login to your DigiCert KeyLocker platform. Navigate to: Manager menu icon (top-right) > KeyLocker.

2. Once logged in to KeyLocker, click on Get Started.

3. Follow the provided instructions to setup your users.

4. Follow the provided instructions to add users and install/setup the KeyLocker agent on your computer/server (available for Windows, Linux, and MacOS). The KeyLocker agent allows you to connect to and use your code signing certificate and key locally, while the key remains securely stored in a cloud-based hardware security module (HSM).

5. You will now be able to use your code signing certificate to securely sign software files using several different methods:

• The simplest way to sign files is to use the DigiCert provided signing tool. Click here for instructions on using the DigiCert Click-to-Sign tool.
• KeyLocker also supports a variety of third-party tools. Click here for instructions on using third-party tools such as SignTool, jSign, Sign4j, OpenSSL, etc.
• Need to integrate with a CI/CD platform? Click here for script and plugin integration instructions.

Have questions about setting up and using Keylocker?  Contact DigiCert Support within the portal —their code signing specialists will be happy to help you.