Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


GlobalSign EV code signing Certificate: Timestamp Server Update

Following a decision of the CA/B Forum the key length for EV code signing certificates will have to be 3072-bit at least from June 1st, 2021.

As a result, GlobalSign is providing a new URL for its timestamp server to comply with this new standard. You will have to update this address on your software because after June 1st, 2021 the old timestamp URL will not work anymore.

As a reminder, time stamping is an essential element of code signing. Although technically optional, time stamping allows you to maintain the validity of the signatures made by your key in perpetuity. Without a timestamp, signatures cease to be reliable when the certificate associated with the signing key expires.

Here is the new URL to be used as of June 1st, 2021:

  • Name : New R6 TSA
  • URL : timestamp.globalsign.com/tsa/r6advanced1

For your information, here is the old URL that will no longer work after June 1st, 2021:

  • Name : Legacy R3 TSA
  • URL : rfc3161timestamp.globalsign.com/advanced

How to proceed

Here is an example with the signtool command line software

    signtool sign /a /tr http://timestamp.globalsign.com/tsa/r6advanced1 /td SHA256 c:/path/to/your/file.exe

Another example to sign a JAVA component

    jarsigner -tsa http://timestamp.globalsign.com/tsa/r6advanced1  -keystore [keystore-name]  file-to-sign.jar [alias-name]

Useful links