Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


20210514 - Key size increase for code signing certificates

The CA/B Forum recently decided to increase the key size for RSA code signing certificates. For security matters they will be extended to 3072-bit as of June 1st, 2021.

What consequences for currently valid certificates?

None. Your certificates will keep working normally until their expiration date.

And in case of reissuance ?

GlobalSign certificates

In case of reissuance your new certificate will be issued from a 4096-bit key. A new token, compatible with that key-length will the, be provided.

DigiCert & Sectigo certificates

In case of reissuance a new 3072-bit CSR will be requested. The certificate will also be chained to a new certification chain compliant with the new standard.

What about new orders?

GlobalSign certificates

The GlobalSign certificates will be delivered on a new token able to handle 4096-bit keys. A new time stamping server has been released for those certificates.

DigiCert & Sectigo certificates

The issuance of DigiCert code signing certificates will require a 3072-bit CSR. They will be chained to a new certification chain compliant with the new standard.

Useful links