Renew or activate signature

Electronic signature activation

How to activate NEW
Certum's electronic signature?

Activate a Signature

Electronic signature renewal

Renewal of Certum's e-signature
step by step

Renew a Signature

Electronic signature renewal process - detailed instruction

Panel

Language

Accessibility

Reset to default
Renew or activate signature

Electronic signature activation

How to activate NEW
Certum's electronic signature?

Activate a Signature

Electronic signature renewal

Renewal of Certum's e-signature
step by step

Renew a Signature

Electronic signature renewal process - detailed instruction

Home page of news

2026-06-08

How to choose the right Code Signing certificate

 

If you develop desktop applications, drivers, business tools or software distributed to customers, choosing the right Code Signing certificate has a direct impact on brand recognition, credibility and the end-user experience.

As cyber threats continue to grow and end users install an increasing number of applications, code signing has become an essential element in building trust in software. A Code Signing certificate not only confirms the integrity of an application, but also strengthens the publisher’s credibility and helps reduce system warnings.

Certum, one of Europe’s largest and most recognizable trust service providers, offers a comprehensive portfolio of Code Signing certificates tailored to different business models, technical environments and risk levels.

Below are the key aspects to consider when choosing the right solution.

OV or EV — which certificate should you choose?

The right certificate should depend primarily on the nature of your project, the scale of distribution and the level of trust you want to provide to your users.

OV (Organization Validation) Code Signing

An OV certificate is a versatile solution available to both individuals and organizations.  The certificate may display either an individual’s full name or a company name, helping build recognition for a specific developer or organization.

It is a good choice for:

  • smaller companies and software houses,
  • application vendors distributing software on a limited scale,
  • teams that want to start signing code quickly.

An OV certificate removes “Unknown Publisher” messages, ensures software integrity and helps build the reputation that affects warnings displayed by Microsoft SmartScreen Filter. At the same time, it remains cost-effective and flexible, making it a popular entry-level choice.

EV (Extended Validation) Code Signing

EV Code Signing is a premium solution designed exclusively for organizations. This type of certificate is not issued to individuals. The certificate always displays the company’s full legal name, strengthening the publisher’s credibility both for users and operating systems.

This certificate is required, among other cases, when registering within the Microsoft ecosystem, for example in the Windows Hardware Developer Program.

An EV Code Signing certificate removes “Unknown Publisher” messages and ensures software integrity. As noted above, Microsoft SmartScreen warnings are primarily influenced by the publisher’s reputation — and an EV Code Signing certificate may help build that reputation faster. In addition, the certificate always displays the full company name, further strengthening the publisher’s credibility.

It is particularly recommended for:

  • companies distributing software at scale,
  • driver manufacturers registering for the Windows Hardware Developer Program, where an EV Code Signing certificate is required,
  • organizations for which a strong and trustworthy brand is essential.

Certificate format — card or cloud?

Code Signing certificates are available both in the traditional format, on cryptographic cards, and in a cloud-based model (SimplySign).

The cloud-based solution offers:

In practice, the choice of key storage method often has a significant impact on team efficiency and the scalability of the signing process.

Certificate validity period — what you need to know

Under the current CA/B Forum requirements, the maximum validity period for a single Code Signing certificate is currently 459 days.

Certum has aligned its offering with these regulations while maintaining operational convenience:

  • products are available in 1-, 2- and 3-year validity models,
  • the certificate can be reissued free of charge during the term of the agreement,
  • continuity of the signing process is maintained without downtime.

This approach streamlines certificate management by allowing valid organization verification to be reused when issuing subsequent certificates during the verification validity period.

Summary — why Certum?

Choosing a Code Signing certificate should combine security, regulatory compliance and real business value. Certum provides:

  • a broad portfolio of security certificates,
  • flexible key storage options, either cloud-based or card-based,
  • stable Certum infrastructure located in the EU,
  • compliance with the requirements of the Windows Hardware Developer Program and the CA/B Forum.

This allows you to select a solution that matches the scale of your project — from open-source initiatives and business development to global software distribution.

 

Read also