Help Center

A code signing certificate is strongly recommended for any publisher intending to distribute code or other content over the Internet or over corporate networks. Software and other content providers who wish to provide extra assurance to their customers about who produced the content and that it has not been tampered with should use code signing certificates. Newer operating systems and Internet browsers are often set to higher security levels, which often require signed content. Use of code signing certificates may help enhance a publisher's reputation.

Code signing uses embedded digital signatures to assure the publisher details and content integrity of downloadable code.

Code signing certificates are valid for one, two, or three years depending on which duration was specified when the certificate was purchased.

No. Code signing certificates are only used to verify the publisher who signed the content and that the content has not been altered or corrupted.

Time stamping ensures that signed code will not expire when the code signing certificate expires. Signed code which has been time stamped is valid, even after the code signing certificate has expired. A new certificate is only necessary if you want to sign additional code. If you did not use the time stamping option during the signing, you must re-sign your code whenever the code signing certificate changes due to re-keying or renewal.

• Windows - Use the SignTool.exe utility included with the Windows SDK to verify the presence of a time stamp in code which has been signed. http://msdn.microsoft.com/en-us/library/aa387764(VS.85).aspx
• Java - Use JarSigner.exe included as part of the JDK which is available here.

No. Unlike some of our competitors, we do not limit the number of time stamp requests which can be issued by a single code signing certificate.

No. You are not limited you to any specific number. You can sign as many applications or other content with a code signing certificate as you wish, provided that the applications are going to be used for and distributed by the organization that owns the certificate.

No. Only businesses whose identity can be verified via various state or federal governmental agencies can be issued a code signing certificate.

No. Windows Vista device driver signing requires special code signing certificates which we do not currently offer.

Yes. Complete documentation will be added to our web site at later time.

In order to receive the certificate pop-up when the file is downloaded, you will need to enable the feature.

Enable Check for Signatures

Open the Tools menu in Internet Explorer and click Internet Options. Click the Advanced tab.

Scroll to the bottom and verify that the option Check for signatures on downloaded programs is checked in the Security section.

For Windows XP, everything is automatic. For older versions of the Windows operating system, it is highly recommended that the latest root update is installed. Good security policy dictates that your root certificate store should have the most current root certificate references from all trusted certification authorities, thereby providing the widest capability to recognize trusted content. Install the latest Microsoft root certificate patch here.