Code Signing

7 Code Signing Best Practices

Code signing is the process of getting your code signed digitally by a trusted certificate authority (CA). The CA verifies the identity of the author or publisher who submits the software and assures end-users that his identity has been validated. Although this process is pretty straightforward conceptually, there are some code signing best practices that you can implement to make the process a little smoother and more effective. We’ll jump into some of those code signing best practices for Microsoft in particular shortly. Before you can start using best practices, Continue Reading

What Is Code Signing Certificate and How Does It Work?

One of the most common security buzz words you hear these days is hashing. If you’re familiar with the concept, then you already know that hashing is used to verify the integrity of your files. Now picture a hacker compromising your website and replacing your uploaded files along with their hashes. It’s here that a code signing certificate can swoop in to save the day! When you release an application or an executable file, you would probably want to ensure that an attacker doesn’t change your original file. An attacker Continue Reading

Comodo Code Signing vs GoDaddy Code Signing Certificates

Compare Comodo code signing and GoDaddy code signing certificates: features, prices, and compatibility  In this article, we compare code signing certificates from two prominent brands, Sectigo (formerly known as Comodo CA) and GoDaddy. Both of these certificate authorities are highly reputed in the industry and are well-known for their cyber security products. Even though we’re now called Sectigo, we’ll refer to these certificates as Comodo code signing certificates in this article to make things easier for you since you may be used to referring to them by our former name.  One of their popular products is the code signing certificate. This type of certificate is used by software developers and publishers to protect downloadable software, Continue Reading

Code Signing Certificate Expired Issues

What happens to my software and digital signatures when my code signing certificate expires?   If this question haunts you at night, you’re not alone! Most software developers and publishers face this dilemma at one point.  You might be in the process of buying your first code signing certificate, or your current certificate might be expiring soon (or it has already expired). Whatever the scenario, you’ve landed on the right article. We have answers for all your questions regarding code signing certificate expiration issues and renewals.  Timestamping: The Ultimate Shield to Avoid Code Signing Certificate Expiration Continue Reading

Code Signing Certificates Comparison

Compare code signing certificates: The ultimate comparison of features, prices, types, and brands Getting a code signing certificate is an excellent decision for your software’s security and authenticity. There are multiple types of code signing certificates available in the market with different price ranges, features, and brands. So, comparing all code signing certificates before choosing the right one for your organization is an essential step. To help you with the research and buying process, we’ve  prepared this code signing certificate comparison guide and have compared all the prominent code signing Continue Reading

Microsoft Authenticode Code Signing Certificates

What is a Microsoft Authenticode Code Signing Certificate? Everything you need to know: Utility, Working style, Cost, and Compatibility. Microsoft’s Authenticode technology allows software publishers to use X.509 code-signing certificates to sign their software. Code signing certificates verify the publisher of the software and ensure that the software is the same and hasn’t been changed since it was signed by the original issuer.   Microsoft itself doesn’t verify the publisher’s identity and code’s integrity. Instead, it relies on a proven Public Key Cryptography system that allows a third-party certificate authority, like Sectigo (previously Comodo CA), to authenticate the publisher and hash the codes.   With Continue Reading