Code Signing Centre - support for signing applications
Customer Support Centre for Code Signing certificates (certificates for signing codes and applications). Here you will find all relevant information regarding code signing and the use of Code Signing certificates.
Code Signing Certificates
Code Signing Certificates (Code signing) are used to sign applications created on various development platforms. The goal of signing the code is not only to authenticate the publisher, but mainly to protect the authenticity of the application and its immutability. If someone modifies the application (for example, adds malware), the signature ceases to be valid. Therefore, most current systems either require an application signature (MacOS) or strongly warn you before running an unsigned application (Windows).
Code Signing EV Certificates
We also offer a certificate with extended validation for code signing certificates. You will find its advantages and instructions on activation in the following paragraphs.
The significance of Code Signing EV Certificate
Its significance is better security of the certificate and private key. The certificate is stored on the token together with the private key and cannot be exported. The use of the certificate is password protected and after several bad attempts the token will be deleted. This is an excellent protection for your code signing certificate from misuse.
Another important advantage of the Code Signing EV Certificate is the absolute trustworthiness in the Smartscreen filter that is part of Windows. Thanks to the EV signature, you can be sure that Windows will not block your application from users. More information about the Code Signing certificate in our offer can be found on the product page DigiCert Code Signing EV.How to get and activate a Code Signing and Code Signing EV Certificate
The whole process of obtaining and activating a Code Signing Certificate is described in the article Activating a Code Signing Certificate.
How to Sign Software with a Digital Certificate
To sign applications using Code Signing, you need two things:
- A Code Signing certificate
- A signing application
You can obtain a Code Signing certificate from SSLmarket easily. The signing application depends on the platform you're developing on. Below are the most popular and widely used signing tools. These are described in our documentation, and we can help you use them:
- Signtool from the Windows SDK (guide)
- Jarsigner (see blog article)
- smctl utility from DigiCert – recommended for KeyLocker (guide). It can work with tools like signtool and simplifies the signing process.
Most of our customers develop in a Microsoft Windows environment and use the Windows SDK.
Signing is typically done with the signtool.exe tool.
You can find the documentation for signtool on the
SignTool.exe (Sign Tool)
page on Microsoft's website.
Contact us
If you are unsure about any step in ordering a certificate, issuing a certificate, installing a certificate, or with any questions, do not hesitate to contact our customer support, who will advise and help you. Our Web Security Sales Expert Plus certified professionals are available on weekdays during normal business hours.
You can also contact us directly from your customer account by sending a request from the Authorized Request menu.
FAQ – Frequently Asked Questions
Is the Code Signing certificate tied to my domain name?
No, Code Signing certificates are not issued for a domain name, but for a specific organization. The organization name appears in the Common Name field.
What can I sign?
With a DigiCert Code Signing certificate, you can sign various types of software and scripts to ensure they come from a trusted source and have not been modified after signing.
✅ You can sign:
- Executable files: .exe, .dll, .ocx, .msi, .cab
- Windows drivers (WHLK/HLK)
- Java applications: .jar
- Macros and VBA scripts in Microsoft Office
- PowerShell scripts: .ps1
- macOS apps and packages (via Apple Developer ID)
- Adobe AIR applications
- .NET applications and libraries
- Scripts and installers across various platforms
⚠️ You cannot sign:
- Code requiring a qualified electronic signature under eIDAS
- Files not intended for distribution
- Formats and platforms that don’t support digital signatures
Is a timestamped code still valid after the Code Signing certificate expires?
Yes, timestamped code remains valid even after the certificate expires. If you use a timestamp during signing, the system verifies that the code was signed while the certificate was valid. This ensures the signature remains trusted. Without a timestamp, the code would need to be re-signed with a new certificate.
How can I timestamp VBA projects?
See the article Instructions for timestamping VBA code on DigiCert.com.
Is there a limit to how many applications I can sign with a Code Signing certificate?
No, you can sign an unlimited number of applications with your certificate. If the certificate is stored on a token, there are no signing limits. However, cloud-based services do apply limits:
- DigiCert KeyLocker – includes 1,000 signatures for the certificate's validity period; additional signatures can be purchased.
- Software Trust Manager – signing is licensed for the contract duration.
How do I sign using a certificate in the cloud?
Signing with a Code Signing certificate in the cloud is simple and secure. It uses hash-based signing – a hash is generated from the file and sent to the cloud for signing. The actual file is not transferred; only the signed hash is returned. This makes the process efficient and secure.
Cloud-based hash signing is available with the following services:
We are sorry that you did not find the required information here.
Please help us to improve this article. Write us what you have expected and not found out.