Thawte Code Signing is a specialized certificate which allows developers to add a digital signature to the application distributed over the Internet. If any change in code is detected, the signature becomes untrusted and then the user is warned before using the app. By signing an application with a Thawte Code Signing certificate, users will be assured that the software they have obtained is definitely from the manufacturer.
- Pricefrom £78.75
- Validity1-3 years
- Secures Desktop and smartphone apps
- Compatible w/all major browsers
- Public key algorithm RSA
- Symmetric encryption256 bit
- Public key length2.048 (3.072/4.096) bits
- Root CADigiCert Global G2
- Money-back guarantee30 days
- Certificate reissuefree and unlimited
- Multi-domain support (SAN)N/A
- Private key on tokenno
Recommended certificate use
The certificate is used primarily by developers and software companies that require their applications to be digitally signed over the Internet.
Thawte Code Signing price list
Thawte Code Signing has been replaced by the DigiCert Code Signing certificate. If you have Thawte Code Signing and need to extend it, we recommend contacting our support.
Displaying the certificate
If the application is correctly signed and trusted, no warning will be displayed to the user when they open the application. The publisher details are in the certificate and allow you to check app identity and integrity. You can find details of the certificate in the file’s digital signature properties. The signature shows the date of application signing, details about the certification authority, timestamp, etc.
FAQ - Frequently Asked Questions
Will the signed application be trusted for every user?
On the Windows platform, the SmartScreen filter determines how trusted a reputation is. The SmartScreen filter used to be a part of Internet Explorer and nowadays it is a part of Windows. After signing and issuing an application, it takes some time before this reputation is created. Therefore, the Windows system might want to block it together with the digital signature. The solution to such a problem is only to use a signature with the Code Signing EV certificate, whose signature is always trusted and will not be blocked.
In general, the digital signature of an application itself does not guarantee trouble-free execution for users. For example, Java applets raise security warnings by nature of their platform, which is not considered too secure.
What are the requirements for signing with a Code Signing certificate?
What platforms can the Code Signing certificate be used for?
From the perspective of the development environment, it again does not matter - the Code Signing certificate will work with any development environment that supports application and code signing. Windows typically uses Signtool, which is a part of the Windows SDK.
The only exception is with the Code Signing EV certificate - this type of certificate needs the Safenet support application for signing, which is available for Windows, Linux, and MacOS.