With DigiCert’s completed acquisition of DigiCert's Website Security business we will be updating our Code Signing public trust chains to modernize and streamline our Code Signing offerings.
All development, validation environments with hard-coded PKI hierarchies must be updated with the new chain.
These changes will apply to all code-signing products (MSFT Authenticode, Oracle Java, MSFT Office & VBA, Adobe Air and Extended validation).
There is no impact to existing code-signing certificates or the validity of signed files, whether timestamped or otherwise. We expect to issue all new code signing certificates from DigiCert’s hierarchy and infrastructure starting April 2018.
For information on changes to the Code Signing public trust chains please refer to the knowledge base article: New PKI Trust Chain for Code Signing
Please check as soon as possible for system dependences, or hard-coded DigiCert/Thawte roots to processes and modify accordingly to trust new certificates.
Frequently Asked Questions