Individual Code Signing Certificates

Advantages of Individual Code Signing Certificates

Individual Code Signing Certificate Delivery Methods

Beginning June 1st, 2023, it is necessary to comply with the new guidelines established by the Certificate Authority/Browser Forum for the issuance of Code Signing Certificates. These guidelines require the use of secure hardware storage devices, such as Hardware Security Modules (HSMs), Hardware storage tokens, or Trusted Platform Modules (TPMs), that meet the highest security standards like FIPS 140 Level 2, Common Criteria EAL 4+, or their equivalents, for generating, storing, and utilizing private keys.

To comply with the updated guidelines set by the Certificate Authority/Browser Forum, it is recommended to utilize USB Token for storing cryptographic keys. You can use our flexible and dependable solutions for secure key storage. These solutions are designed to seamlessly integrate into your existing workflows and offer peace of mind while maintaining efficiency.

Delivery Method 1: Get a USB Token Delivered to Your Door

We provide convenient shipping choices for both local and global locations, ensuring that the USB token reaches your doorstep with ease. Our pricing options are varied, allowing you to select the most suitable one based on your specific needs.

Token + US Delivery: For a cost-effective fee of $80.00, have the USB token securely shipped to any location within the United States.

Token + International Delivery: Developers located outside the United States can take advantage of international delivery for $110.00.

Token + Expedited US Delivery: If you require the USB token urgently within the United States, opt for expedited delivery at $120.00 to receive it promptly. Minimize potential delays and seamlessly integrate the USB token into your workflow.

Delivery Method 2: Utilize Your Own Hardware Security Module

If you already possess a certified Hardware Security Module (HSM) or USB token, leverage its capabilities for secure key storage. Ensure that your device meets the stringent security standards of at least FIPS 140-2 Level 2 or Common Criteria EAL 4+ to ensure optimal protection.

Delivery Method 3: Keep Your Private Key Safe in the Cloud

You can simplify your code signing processes using the cloud-based key storage solution without compromising security. Take advantage of the secure cloud environment equipped with Hardware Security Module (HSM) capabilities and centralize your private key storage, making it easily accessible for your distributed development teams.

How Does Individual Code Signing Certificate Work?

An Individual Code Sign Certificate is used to sign software or code with a unique cryptographic digital signature. This signature serves as a digital fingerprint that can be used to verify the authenticity and integrity of the code.

When an individual applies for a code signing certificate, they must provide personal information, such as their name, email address, and physical address, as well as information about the code or software they will be signing. The Certificate Authority (CA) will then verify this information and issue the individual a digital code sign certificate.

When the signed code is distributed, the recipient's device will check the signature against the digital certificate that was used to sign the code. If the signature matches the certificate, the code is considered authentic and safe to run. If the signature does not match, the code may be flagged as potentially malicious and prevented from running.

Related Resources