Manage your certificates in DigiCert® CertCentral

All legacy Symantec account portals have moved to CertCentral. Log in below if you’ve already activated your CertCentral account. If not, contact our sales or support teams here. They will send you an email with a unique link to access your account. Login
SECURITY TOPICS

Code Signing: How it Works

DigiCert helps you deliver your apps and code to more customers on more platforms than any other provider. More developers and publishers rely on DigiCert, the most recognized and trusted Certificate Authority (CA) worldwide, than any other CA.

How Code Signing Protects Your Intellectual Property and Reputation

DigiCert's robust authentication practices, public key infrastructure and technical support teams help ensure a safe, secure experience for you and your customers.

 

Digital signatures use public key cryptography technology to secure and authenticate code.

  • A developer adds a digital signature to code or content using a unique private key from a code signing certificate
  • When a user downloads or encounters signed code, the user’s system software or application uses a public key to decrypt the signature
  • The system looks for a “root” certificate with an identity that it trusts or recognizes to authenticate the signature
  • The system then compares the hash used to sign the application against the hash on the downloaded application
  • If the system trusts the root and the hashes match, then the download or execution continues
  • If the system does not trust the root or the hashes do not match, the system interrupts the download with a warning or the download fails

Introduction to Code Signing

Website Security

Self-Signed Digital Certificates

A self-signed digital certificate is chained to a root certificate owned by the signer. In most cases, your root certificate will not be available to third party software and devices.

A Trusted Certificate Authority

When you enroll for a digital certificate, the CA authenticates your identity and issues a certificate that is chained to the CA’s root certificate. Application and device have root certificates of known and reputable CA’s embedded within them. When the application or device trusts the root certificate, it trusts you. DigiCert root certificate ubiquity is second to none. Our root certificates come preinstalled on most devices and embedded in most applications, creating a seamless, secure installation process for end users.

DigiCert Code Signing Certificates

Boost Software Adoption and Sales with Code Signing

What's Code Signing?

Code signing is a digital signature added to software and applications that verifies that the included code has not been tampered with after it was signed.

DATA SHEET
SHA 256 Support

SHA 256 Support

Secure Hash Algorithm (SHA) 256 Support is available for DigiCert Code Signing Certificates.

Continue Reading

Code Signing: Why Sign

Code Signing: Why Sign

5 Reasons Why You Should Sign Your Code with DigiCert Code Signing.

Continue Reading

Code Signing 101

Code Signing 101

Code signing does two things: it confirms who the author of the software is and proves that the code has not been altered or tampered with after it was signed. Both are extremely important for building trust from customers and safely distributing your software.

Continue Reading

USE CASES

Website Security Solutions In The Real World

SECURITY FUNDAMENTALS

What You Need to Know About Protecting Your Business

Focus

How Website Encryption Works

LEARN MORE

Focus

How Website Encryption Works

LEARN MORE

Applications

Boost Software Adoption and Sales with Code Signing

LEARN MORE

Malware

Malware Scanning FAQ

LEARN MORE

Join the Community

Follow Threat Intelligence on Twitter @Threatintel

DIGICERT ON TWITTER

Watch Videos on the Website Security YouTube Channel

DIGICERT ON YOUTUBE
 >  Security Topics  >  How Code Signing Works

Products

Support

Security Topics

Partners

We have updated our Privacy Policy which can be found here.
Contact Us