Standard Code Signing
The Standard Code Signing Certificate is compatible with Java Code Signing and Microsoft Authenticode technology. It is designed to digitally sign code (in user mode or software kernel-mode).
Standard Code Signing Certificate allows software authors to digitally sign their code. Customer using digitally sign application :
- Avoid „unknown software publisher” and „dangerous software” warning messages,
- Are certain that the software comes from a trusted source,
- Have a quarantee that it is not infected by viruses and modified since it was signed.
Why you should sign your software with the Code Signing certificate issued by the CERTUM certification authority?
- You protect the brand, company reputation and gain user’s trust,
- You make it possible to reliably identify software and receive a safety guarantee for your applications,
- Protect intellectual property.
Standard Code Signing certificate allows to digital signing
- UNIX/Linux software
- VBA macros
- Apple applications ( MacOS X)
- Adobe AIR plug-ins
- Add-ons for Firefox and Netscape
- Java applets
- JAVA based internet applications
- ActiveX component and controls
- Binary files ( .exe)
- Windows OS libraries
- To sign drivers for 32 and 64 bit Windows systems working in Kernel-Mode.
Examples of compatible formats:
- .docm, xlsm, .pptm, .xpi,.pptm, .jar, .war, .ear, exe, .dll, .ocx, .cab, .msi.
The most important functionalities of Standard Code Signing:
- Financial guarantee 60 000 €
- Compliance with WebTrustSM/TM
- Certificate function: SHA-2
- Protect the brand, company reputation and gain user’s trust
- Compatiable with standard X.509 v.3 (RFC5280)
- Standard issue time after verification – 24 hours
- Free revocation and reissue
- The certificate have to be installed on cryptographic card
- Free time stamp
- Validity period 1–3 years
- Status certificate possible to verify by CRL and OCSP Procotol
- Technical assistance (help line, e-mail)
Certificate authentication- prestige on the Internet
Upon purchase of the Standard Code Signing certificate, authentication of the future subscriber’s identity is required. New clients are kindly requested to provide documents confirming the identity of the person responsible for the purchase of the certificate, and additionally corporate documents (if such data are to be included in the certificate) within 7 days.
Recommended key length 2048 – 4096. Minimum encryption key length: RSA/DSA 2048 bit, EC 571 bit: sect571k1 (NIST K-571) and sect571r1 (NIST B-571).
Standard Code Signing – increased level of customer trust
To verify the Subscriber’s identity CERTUM requires the submission of the following documents.
Verification of a private individual applying for the certificate on their own behalf:
- identity document (ID card, passport, residency card, driving license) – in Latin characters – of the person placing the order. The copy should depict the entire document (both sides),
If it is not possible to send the following documents (ID card, passport, driving license, permanent residence card) there are few others possibilities to verify your identity:
- notarial identity confirmation – a document in English language or a document translated into English by the sworn translator
- identity confirmation at CERTUM’s Registration Point or Identity Confirmation Point
- possession of the qualified certificate issued by CERTUM
- a utility bill (e.g. water, electric power, natural gas, etc.), bank statement, credit card statement, government‐issued tax document belonging to the Subscriber
Verification of a person applying for the certificate on behalf of the organization:
- identity document (ID card, passport, residency card, driving license)- in Latin characters – of the person placing the order. The copy should depict the entire document (both sides),
or one of the following:
- notarial identity confirmation – a document in English language or a document translated into English by the sworn translator,
- identity confirmation at CERTUM’s Registration Point or Identity Confirmation Point,
- possession of the qualified certificate issued by CERTUM
- a utility bill (e.g. water, electric power, natural gas, etc.), bank statement, credit card statement, government‐issued tax document belonging to the organization,
- company registration documents – only in the case where the company doesn’t possess the DUNS number (it’s impossible to verify the company by using this number or by using national registration number),
- authorisation or power of attorney confirming connection of the person submitting the order with the organization – only when the applicant doesn’t appear in the relevant registry as a person authorized to represent the company
E-mail address access verification – click the verification link sent after the activation of the certificate.
In appropriate cases the CERTUM Team may ask for additional documents necessary for proper verification
Phone verification (does not apply to natural persons)
The contact phone number used for the phone verification of the certified organization has to match the number found in qualified sources of information such as public business and organization registers.
(e.g. DUNS, www.yellopages.com, www.numberway.com, or other public databases which are qualified as reliable and credible).
In case the phone number mismatch, the verification will be carried out using documents.
Standard Code Signing certificates must not contain a Domain Name or IP Address
All the collected documents should be sent to CERTUM PCC using one of the ways given below:
- via e-mail (recommended) as a scanned copy to: firstname.lastname@example.org
- by fax to: +48 (0) 91 4257 422
- by post to:
ul. Bajeczna 13
In justified cases the CERTUM PCC team may request for additional documents required for correct verification to be sent.
Certificate technical requirements:
- an internet browser which supports X.509 v.3 certificates (Internet Explorer v. 11, Chrome), Windows 7, 8, 10, Java JDK 1.5+.
Technical requirements for signing code or files:
- Office 2000 or newer package / Visual Basic – for signing macros and Office objects, ToolSign.sh and OpenSSL script in its most up to date, stable, available version for UNIX/Linux, Firefox or Netscape and a tool for signing add-ons dedicated to a given browser, KeyTool and Jarsigner attached to Java JDK 1.1+, SignTool, SignCode – for older Windows, Visual Studio Express versions.
Significance of trust verification
Standard Code Signing stands for secure communication The certificate is a guarantee for your customers and partners that the software or files sent by you have not been tampered with by any third parties.
Using the Standard Code Signing certificate attests to the fact that you care for data security.
The benefits of Standard Code Signing are the following:
- gaining your partners’ trust (no warnings about „unknown publisher” and „dangerous software”)
- application security guarantee – protection against modifications made by third parties and infection with viruses, Trojans, etc.
- protection of intellectual property and brands of software publishers
- protection of the company’s image and brands
CERTUM – General Certification Authority – guarantees the highest level of the offered certificates. We are the leader in the field of Internet security and the only Polish certification authority that provides services in compliance with the international standard WebTrustSM/TM . For over 10 year we have provided our clients with reliable and proven solutions which confirm their trustworthiness on the Internet.
A few words on CERTUM encryption
The encryption procedure allows the protection of information during on-line transmission and connections. The Public Key Infrastructure used by CERTUM is an original solution, created in cooperation with research personnel of the West Pomeranian University of Technology and independent encryption experts. The ID certificates issued by CERTUM allow the use of encryption strength of the recommended key length: 2048/4096.
24h technical support
We protect our clients’ safety and peace of mind 24 hours a day, seven days a week. You may contact our consultants at any time of the day or night. Just call the hotline or contact us via on-line chat. No question shall remain unanswered.