3 Easy Steps to Get Code Signing Certificates
Get Your Code Signing Certificate Issued in Just 3 Steps
It’s great to see that you’ve decided to get that mandatory trust factor: a code signing certificate, which is needed for signing an application or software package to prevent those pesky warning messages which make users run away.
For digitally signing your software and apps, using a trusted code signing certificate is a must. It has even almost mandatory due to prevalent security threats a Code Signing Certificate helps in creating trust and authenticity among users that the software is coming from a trusted source and it hasn’t been tampered with since its signing.
However, to get a code signing certificate issued requires certain steps to be followed. If you’re not aware of the steps to take or you’re facing any difficulty while completing the process, don’t worry, you’re at the right place.
Here, we’ll discuss the 3 required steps in detail which need to be completed to get you a Code Signing Certificate issued.
3 Step Process to Get Code Signing Certificate Issued
We’ll try our best to keep the process of certificate issuance as easy as possible. Getting a code signing certificate issued requires three main steps to be followed:
- Generating the CSR (Certificate Signing Request).
- Completion of Validation.
- Downloading the issued code signing certificate.
1. Generating the CSR (Certificate Signing Request)
For generating the CSR securely and without any issues, you’ll need to make use of Mozilla Firefox ESR or Internet Explorer 11 as your web browser. They’re used mainly because the browser contains a set of features that allows generating the CSR and private key. If you don’t have Mozilla Firefox ESR or Internet Explorer 11, then you’ll need to download and install one of them. If you’re not able to download or you’re facing any issue while installing it, feel free to contact us.
You’ll get one copy of your private key, and it’s generated with the CSR.
Follow the below steps to generate a code signing certificate CSR:
- Open any of these web browsers: Mozilla Firefox ESR, Internet Explorer 11 or Safari (Mac users only).
- Go to staging.staging1-codesigningstore.flywheelsites.com and login to your account.
- Go to the certificate details section on the website and click the button Next Step: Generate Certificate.
- Now, enter all the requested information.
- Click the Submit button.
- Once it’s submitted, the browser will generate the key pair, and it’ll send the CSR to the certificate authority (CA) from the one you purchased your code signing certificate.
- As the last step, you’ll receive an order number.
Once the above steps are completed, you can proceed to the second vital step of completing the validation.
Note: Steps to generate CSR for Windows Code Signing Certificate.
2. Validation for a Code Signing Certificate
For OV code signing certificates, four steps need to be fulfilled for completing the validation process, and they’re as follows:
- Authentication of an organization.
- Locality presence.
- Verification of Telephone number.
- Final verification call.
Authentication of an Organization
It’s the very first step in validating a requested code signing certificate. Here, the certificate authority from which you’ve purchased a code signing certificate will do the verification of your organization to confirm its legitimacy. If you’re using a legal trade name or DBA, you’ll also have to be sure that all the registered information is up to date at the time of filings.
Online Government Database Is the Preferred Method
Usually preferred method for CAs is to verify you’re who you say you are is by verifying the information from the relevant online government database. Here, the CA checks the information regarding business maintained online by your local government, which shows you’re the registered entity. It’s one of the easiest and most time-effective methods, preferred as the first option for most of the CAs.
- A comprehensive credit report from DUNS (Duns & Bradstreet).
- Providing a legal opinion letter from your CPA or attorney.
- Official documents of entity registration.
The physical address of the business is verified in this step: it’s checked whether the provided address of the business exists. This allows CAs to confirm that you’re a legal entity that has a physical presence with a registered location. However, CAs verify the information by looking through the available online government database. If data is not available or it doesn’t match with the provided address, then you’ll have to go with an alternative method:
- A comprehensive credit report of DUNS (Duns & Bradstreet).
- Registration documents of your organization.
- Offering a legal opinion letter from your CPA or attorney.
Once the above two steps of Organization and Locality verification are completed, the third step of verifying the registered telephone number of the business is carried out by the CA. Here, the CA confirms whether you’ve got an active listed telephone number that is registered with your business and available on an online telephone directory.
The number listed on that online telephone directory must be identical to the number which you submitted during the initial registration process of a code signing certificate. Also, the telephone number must display the same physical address and the verified business name.
Final Verification Call
This is the last verification step before the issuance of a code signing certificate. Once the above steps are completed, you’ll receive a verification phone call from the CA, where they’ll ask some basic questions, for example, whether you’ve requested the certificate, and what’s the address of the registered business. It’ll be a pretty straightforward call where CA would like to speak with the specified applicant using the registered business telephone number, which was earlier used for confirming order details.
3. Downloading Issued Code Signing Certificate
If you’ve made it this far, congratulations, you’ve almost completed the instructions, and you’ve just got one step to go.
Once all the verification mentioned in the above steps is completed, the CA will send you an email which will contain a collection link for your issued code signing certificate. Below are the steps for collection of your issued code signing certificate:
- Open the web browser you use to generate the CSR(Firefox ESR, Internet Explorer 11, or Safari–Mac users only) and click the collection link for the code signing certificate, which you received in an email message.
Now, export the code signing certificate with its associated private key from the web browser. You’ll be required to save it onto your local computer as with .p12 file extension.
To get a code signing certificate isn’t a hard process. You can choose from organization validation and extended validation, which requires a verification process. If you have all the required information on hand, and it’s updated, you won’t face any issue, and your certificate will be issued without any issues.
However, it’s advised to avoid delay in submitting any required information as this can also lead to a delay in the issuance of a certificate because the certificate is not issued until the verification process is completed.