In order to get rid of Unknown Publisher warnings, and build Microsoft SmartScreen reputation, any Windows software must be digitally signed using a code signing certificate! Technically speaking, these platforms require valid certificates:
- Microsoft Authenticode
- Microsoft Office & Microsoft VBA
- Adobe AIR
- Mozilla Objects
Self-signed Code Signing Certificates
Software publishers can sign their software products themselves by creating a self-signed code signing certificate, however this doesn’t help. On the contrary, it harms. For running a self-signed software, Windows XP SP3 or later is required! Before that, Windows can’t run executables signed by a self-signed code signing certificate.
Code Signing Certificates: Major Brands
The most popular code signing certificate brands in the industry include:
Sectigo is the cheapest amongst them. However, it is even cheaper to buy from Sectigo via its resellers.
Sectigo (Comodo) Resellers
For years, Tucows was the cheapest code signing certificate reseller until they shut down their Developer Panel on
Types of Code Signing Certificates
Two different types of Code Signing Certificates are available:
- Organization Validated (OV) Code Signing Certificate (Also known as Standard/Regular Code Signing Certificate)
- Extended Validated (EV) Code Signing Certificate
So, let’s see what they are and how they differ with each other.
OV Code Signing Certificate
Organization Validated Code Signing Certificates are issued with a standard validation process. Here, the certificate is provided quickly compared to EV Code Signing Certificate, and its private key is NOT stored separately, making the protection responsibility of the developer.
It’s one of the right choices if you have recently launched your software and if you’re any individual software developer, and you’re not bothered about the time your software takes to build its reputation in Microsoft SmartScreen filter.
EV Code Signing Certificate
EV Code Signing, an abbreviation of Extended Validated Code Signing, is a code signing certificate where it’s mandatory to validate the publisher’s identity which is similar to the validation process of EV SSL Certificate, as the buyer has to provide all the asked documents to prove their identity.
Also, the Private keys of the EV Code Signing Certificates are provided separately on a hardware token to avoid any unauthorized usage.
Of course, this type of certificate costs much more than a regular OV certificate.
EV Code Signing Certificate is a requirement for Windows 10 drivers.
Sectigo’s OV Code Signing Certificate policy:
In order to get an individual code signing certificate, please provide the following documents.
- Please provide anyone of your government issued photo id card such as passport, national id card, or driving license which also confirms your address in it.
- Also please provide your selfie picture holding the above mentioned document near your face.
We need to complete the FACE to FACE validation, We need below documents.
- Government issued photo ID [driver’s license OR passport] – It is mandatory and should get attestation by notary
- One Financial institution documents [A bank statement or credit card less than six months old]
- One Non-Financial documents [Gas bill, Water bill, Power bill / Phone bill]
- You need to fill out the Face to face form with Notary Signature.
Once you submit the Face to Face document, we will verify the Notary’s credentials with the respective registration agency.