Code Signing Certificates Hero
DigiCert® Code Signing Certificates

Sign here for
code integrity

Stop application and software tampering so
customers know their downloaded files are published
as intended. That's digital trust for the real world.

What is Code Signing?

Code signing increases user confidence and trust

Code Signing Certificates are used by software developers to digitally sign applications, drivers, executables and software programs as a way for end-users to verify that the code they receive has not been altered or compromised by a third party. They include your signature, your company’s name and, if desired, a timestamp.

Benefits of DigiCert Code Signing Certificates

Protect your intellectual property

Code signing certificates allow customers to verify that your code is authentic and has not been tampered with—protecting both parties against fraud, malware and theft.

Prevent security warning labels

Your customers expect a smooth and professional installation process when they download your software. Digitally signed programs can avoid warning messages during download and install for better adoption. 

Efficient monitoring and enforcement

When a piece of code is digitally signed, you can easily detect modified files. Additionally, code signed with a timestamp tells a user that the code was signed with a valid certificate even after the actual certificate expires.

Meet platform requirements

The partners, channels and platforms that distribute your software expect you to safeguard their customers' data. Signing software shows your commitment to their safety and is often a contractual requirement.

What is EV Code Signing?

EV Code Signing increases trust and adoption

Extended Validation (EV) Code Signing Certificates include all the standard benefits of digitally signed code plus a rigorous vetting process and hardware security requirement, so your users can have even greater confidence in the integrity of
your applications.

Benefits of DigiCert EV Code Signing Certificates

Two-factor authentication:

An encrypted token containing the private key is stored on a USB device that you receive after you purchase your certificate. Only those who have the physical device can sign code with your EV code signing certificate, providing reinforced authentication and enhanced security.

Time-sensitive signing:

Adding an optional timestamp means your signature lives on even after the original EV code signing certificate used to sign it has expired. Without a timestamp, your signature expires when the certificate expires, requiring you to re-sign your code.

Microsoft Defender SmartScreen:

Automatically gain trusted status on Microsoft Defender SmartScreen® Reputation filter, thereby reducing warning messages and increasing brand reputation and end-user trust.

Support for hardware security modules:

DigiCert EV Code Signing Certificates can be installed on HSMs, giving you more control over your certificates and their private keys. Anyone in your organization with authorized access to the HSM can use the stored certificate to sign code.

Universal platform compatibility:

There is no need to reissue your certificate to sign code for a different platform (e.g., Authenticode, Kernel Mode, etc.)

Compare DigiCert Code Signing Certificates

Code Signing

EV Code Signing

ENCRYPTED DIGITAL SIGNATURE

REQUIRES RIGOROUS EXTENDED VALIDATION OF ORGANIZATIONS

INSTANT REPUTATION WITH
MICROSOFT SMARTSCREEN FILTER

REQUIRES TWO-FACTOR AUTHENTICATION
USING HARDWARE TOKEN

TECHNICAL SPECIFICATIONS
  • Microsoft Authenticode®

  • Microsoft Office & Microsoft VBA

  • Adobe® AIR®

  • Java®

  • Mozilla® Objects

Laptop image of CertCentral Dashboard
DigiCert® Software Trust Manager

Add continuous signing (CS) to your CI/CD pipeline

DevOps has changed how the world builds and delivers software. Unfortunately, it has led to a common but dangerous practice—key sharing. The exposure that comes with key sharing leaves you open to threats that can disrupt your processes and permanently damage your company.

With DigiCert Software Trust Manager, continuous signing actually closes your DevOps loop, building security into your CI/CD pipeline, all without disruption or a loss of agility. Add end-to-end encryption to your code, see who signed and when, and manage your chain of custody, all from a single console, crafted for DevOps by DevOps.

Learn more about DigiCert Software Trust Manager >

Have questions about DigiCert EV and
Code Signing Certificates?

Check out our Code Signing Support hub >

Why DigiCert?

Globally
recognized
Certificate Authority

Access to 24/7/365
award-winning
customer support  

2020 Frost and
Sullivan Global TLS
Certificate Company
of the Year

99.99% uptime  with
dedicated local and
in-region support