Open Source Code Signing

The certificate confirming the identity of an author working under the Open Source license.

Code Signing certificates enable software developers to digitally sign the original code and recipients to verify data integrity. They eliminate the anonymity of applications published on the Internet by including the author’s name. They guarantee that the software has not been modified by unauthorized persons or viruses from the time of its signing by the software developer.

The Open Source Code Signing certificate is meant for software developers and publishers who work under the Open Source licence.

  • Simplified authentication of the ordering party (minimum formalities, immediate issue)
  • Compliance with WebTrustSM/TM
  • Issued by CERTUM, whose root certificate is automatically recognized as trustworthy by all popular web browsers and Microsoft products
  • Standard (24-hour)_period for issuance of certificate after successful data authentication
  • Secured by the SHA-2 function
  • Protection of intellectual property and brands of software publishers
  • Types of supported files: .docm, xlsm, .pptm, .xpi, .jar, .war, .ear, exe, .dll, .ocx, .cab, .msi.
  • Confirmation of responsibility for the certification process
  • Free revocation and exchange
  • Possible to store the certificate on a cryptographic smart card
  • Free time stamp
  • OCSP – Online Certificate Status Protocol
  • Possible internal and external signatures creation
  • Examples of tools that may be used for signing: MS Office 2000+, and openSSL for UNIX/Linux, Firefox, Key Manager, Jarsigner and verifier from Java JDK 1.5+, SignTool, SignCode, Visual Studio Express
  • Certificate status verification service available by using the certificate revocation list (CRL) and the Online Certificate Status Protocol (OCSP),
  • Validity period: 1 year
  • Technical support 24h

A commercial version of the certificate is also available – Standard Code Signing certificate – intended for digital code signing for the majority of the available operating systems.

Certificate verification – minimum formalities

The procedure for obtaining the Open Source Code Signing certificate is simple. No fees for the trial version.

Learn more

Encryption strength

Recommended key length 2048 – 4096. Minimum encryption key length: RSA/DSA 2048 bit, EC 571 bit: sect571k1 (NIST K-571) and sect571r1 (NIST B-571).

Learn more

The benefits of Open Source Code Signing are the following:

The certificate confirms the identity of the application author or software publisher. It protects against code modifications – you gain security and your clients’ trust.

Learn more

In particular, recommended for protecting:
  • programs on UNIX/Linux platforms
  • VBA macros
  • Apple application (from OS X)
  • Firefox and Netscape add-ons
  • Adobe AIR
  • Java applets
  • Internet applications based on JAVA technology
  • ActiveX components and controls
  • binary files in Visual Studio


Dear User

Pursuant to Article 13(1)(2) of the General Data Protection Regulation of 27 April 2016 (hereinafter referred to as the “Regulation”), please be informed that:

  • The administrator of your personal data is Asseco Data Systems S.A. with registered office in Gdynia, ul. Podolska 21, 81-321 Gdynia;
  • The Data Protection Officer at Asseco Data Systems S.A. can be contacted at e-mail address:, tel. +48 42 675 63 60.
  • Your personal data will be processed for the purpose of:
    1. preparing a response to your enquiry, pursuant to Art. 6(1)(b) of the Regulation.
    2. sending marketing information by means of electronic communication and automation software on the basis of the Act on the provision of services by electronic means of 18 July 2002 and in connection with Article 172(1) of the Act “Telecommunications Law” of 16 July 2004 (alternative consent), pursuant to Article 6(1)(a) of the Regulation.
  • Your personal data will be stored for the time necessary to prepare a response to your enquiry and to respond it until you withdraw your consent for receipt of marketing information.
  • You have the right to access the contents of your data and the right to correct it, to have it removed/forgotten, to restrict its processing, to transfer it, to make an objection, to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of your consent prior to its withdrawal. All the above rights may be exercised through an application submitted at
  • You have the right to lodge a complaint with the Regulator if you consider that the processing of your personal data is in breach of provisions of the Regulation.
  • Provision of personal data by you is necessary for the execution of your enquiry. You must provide it, and the consequence of not providing personal data will be that you will not be able to receive a response to your enquiry.
  • Your data will be processed automatically, also in the form of profiling. Automated decision making will be based on the principles of processing personal data supplied at the time of creating an Account and any supplemented data stored in it as well as data concerning activity on the Websites (in accordance with the Privacy Policy of Asseco Data Systems S.A. website Privacy Policy) and activity related to our communication with you through e-mail, and such processing will result in adjustment of marketing information concerning our products and services that may be of interest to you.
Privacy policy