Obtain a code signing certificate (code signing for applications)
Why to digitaly sign a program with a recognized certificate?
With a code signing certificate you'll be able to sign apps, components or plug-ins that will then be deployed on exploitation systems (Windows, Linux, IOS, Android...) or as modules.
Now, to enhance security and keep users' trust, software signing authenticates the software editor ant to make sure the program has not been modified/hacked during its installation and/or use.
Nowadays, systems increasingly recommend or require signed software in order to have the best integrity guarantee while authenticating malevolent actions (Malware, virus...).
That is the reason why a program signed with a code signing certificate does not trigger security alerts informing the editor ID is not known.
Digitally sign apps for Windows, Apple IOs,Android, Google Play...
Procedure to get a certificate:
- 1 - Create a private key
- 2 - Describe your identity in standardized fields (Organization, contry...) and sign this information with your private key. It is what we call a certificate request (materialized in a CSR file for example).
Particularities:
The CN field must:
- be a FQDN
- or the name of the organisation as officially registered followed by its legal form (example TBS CERTIFICATS SAS)
The OU field
- must be empty
- or indicate: "Secure Application Development"
- or be identical to the O field
No other information is allowed.
- New: create a CSR and a private key with our tool Keybot
- Generate a Keystore eand a CSR for Oracle Java / JDK / J2ME
- Request a Netscape Code Signing certificate
- Request a Microsoft Authenticode or VB (multiplateform) certificate
- What kind of extension may I find in the Thawte MS authenticode certificate?
- Request an Adobe Air certificate
- 3 - Order your certificate at TBS:
Certificates' center -> New certificate -> code signing
Order a certificate
Then an audit will be realized to check your identity and your legal existence - 4 - After the certificate issuance, you'll have to install it and to link it with the private key in your software/development environment
Install a code signing certificate (component signature) - 5 - Then you'll be able to sign your software before deployment
A timestamped signature done with a certificate provided by TBS INTERNET will be valid indefinitely (even after the certificate expiration).
Use a code signing certificate