Digital Certificates
Boost Security and Credibility with TrustID Code Signing Certificates
Establish Trust with TrustID Code Signing Certificates
Protect your software and build user confidence with IdenTrust TrustID Code Signing Certificates. Whether you're securing executables, scripts, or drivers, our solutions—including EV Code Signing Certificates—help verify your identity and ensure code integrity across platforms.
Why Developers Choose TrustID Code Certificates:
- Verified Publisher Identity: Assure users your software comes from a trusted source.
- Code Integrity Assurance: Prevent tampering with a secure digital signature.
- Enhanced User Trust: Improve reputation with operating systems and end users.
Developer-Friendly Features:
- Sign a wide range of file types: executables, libraries, firmware, macros, and more.
- Full compatibility with Microsoft Authenticode, Java, Apple, and Microsoft Office environments.
- Private keys stored in FIPS 140-2 Level 2 hardware or your own compliant HSM.
- Free RFC 3161-compliant timestamping for long-term signature validation—even after certificate expiration.
Click on the button below to explore TrustID Code Signing Certificate options—such as EV Code Signing Certificates—for verified identity, trusted distribution, and long-term integrity.
Extend Trust Beyond Expiration with Free Timestamping
Ensure long-term integrity of your signed code with IdenTrust’s free IdenTrust Timestamping Authority Server (TSA). Our RFC 3161-compliant service securely binds your code certificate and EV code signing certificate to a trusted timestamp—so your signature remains valid even after the certificate expires, helping you meet compliance requirements and streamline software distribution.
Frequently Asked Questions
1. What is a TrustID Code Signing Certificate and why do I need one?
A TrustID Code Signing Certificate from IdenTrust allows software publishers to digitally sign executables, scripts, drivers, and other code. This digital signature confirms the identity of the publisher and ensures that the code has not been altered or tampered with after signing.
One key benefit is that it helps prevent security warnings—such as those triggered by Windows Defender SmartScreen—by establishing trust with users and operating systems. This is especially important for maintaining a professional reputation and ensuring smooth software installation experiences for end users.
2. What is the difference between standard and EV (Extended Validation) Code Signing Certificates?
Standard Code Signing Certificates verify the publisher’s identity and secure the code, while EV Code Signing Certificates require a more rigorous identity validation process and offer enhanced trust. EV certificates are often required for signing Windows kernel-mode drivers and help reduce SmartScreen warnings in Microsoft environments.
3. What platforms and file types are supported by IdenTrust Code Signing Certificates?
IdenTrust certificates support a wide range of platforms and file types, including:
- Microsoft Authenticode (.exe, .dll, .cab, .ocx, .msi)
- Java applications
- Apple software
- Microsoft Office Macros and VBA
- Firmware and drivers
This broad compatibility ensures secure distribution across multiple environments.
4. How are TrustID Code Signing Certificates secured?
All TrustID certificates are issued on FIPS 140-2 Level 2 compliant hardware tokens or can be installed on a compliant HSM (Hardware Security Module). This ensures that private keys are securely stored and protected from unauthorized access, meeting industry and regulatory standards.
5. What is timestamping and why is it important for code signing?
IdenTrust provides a free RFC 3161-compliant Timestamping Authority (TSA) service. Timestamping binds the digital signature to a specific date and time, allowing the signature to remain valid even after the certificate expires. This ensures long-term integrity and non-repudiation of signed code.
6. Can I use my own HSM with a TrustID Code Signing Certificate?
Yes. IdenTrust supports the use of your own FIPS 140-2 Level 2 or Common Criteria EAL 4+ compliant HSM. This offers flexibility for organizations with existing secure infrastructure and helps meet internal or regulatory security policies.
7. How does code signing help protect against cyber threats?
Digitally signing code with a TrustID certificate ensures that the software has not been modified since it was signed and confirms the identity of the publisher. This helps prevent the spread of malware, protects users from installing untrusted applications, and builds confidence in your software’s authenticity.