Online Support Helpline: +48 91 4472 850 Buy in Certum Reseller Network
$
Search
Advanced Search
My Cart
  • My orders

EV Code Signing - code

Are you a software publisher or developer? Do you share your programs with users?

Secure your software with an EV Code Signing certificate, which provides:

  • Integrity
  • Elimination of the "Unknown publisher" message
  • Trust of your software users
  • Building a Microsoft SmartScreen Filter reputation

An electronic code allows the certificate activation for customers who have their own cryptoCertum cryptographic card and reader. 

New validity rules – information for buyers of 2- and 3year products

Starting from February 27, 2026, a single Code Signing certificate may be valid for a maximum of 459 days. Therefore, when purchasing a 2 or 3year product, one or more free reissues will be required during the service period. More details are available in the "Certificate Validity"

from  $399.00  gross from  $399.00  net
 gross  net
In stock
Code electronic delivery of on-line
EV Code Signing
main product photo

The EV Code Signing certificate is a certificate that allows you to digitally sign software. The certificate is trusted by Microsoft and supports building the Microsoft SmartScreen Filter reputation.

By securing your software with an EV Code Signing certificate, you can protect your code from unauthorized modification and provide users with the security of the downloaded application.

By signing your code with an EV Code Signing certificate, people who download and install your software:

  • Wil not see “unknown publisher” warnings;
  • Will be sure that the software comes from a trusted source;
  • Will be guaranteed that the downloaded program hasn't been modified after its release;
  • Will be less likely to see the Microsoft SmartScreen Filter screen, which you reduce by signing the software.

An electronic code allows the certificate activation for customers who have their own cryptoCertum cryptographic card and reader. 

Certificate Validity

From February 27, 2026, the maximum validity of Code Signing certificates is reduced to 459 days.

The 2 and 3year products remain available, but:

Certificates issued within the product must meet current validity limits.
Therefore, when using a 2 or 3year product, it will be necessary to perform one or more reissues during the product’s validity period.

This means that you purchase a product for 2 or 3 years, but you do not receive a single certificate valid for that entire time.
Instead, you gain the ability to issue multiple new certificates free of charge, each compliant with the current maximum validity.

Why is this changing?

These changes, introduced by the CA/Browser Forum in Ballot CSC-31, aim to strengthen the security of digital certificates and the software supply chain.

Example workflow for a 3 year product

  1. Day 0 – product activation
    You activate the product and issue the first certificate valid for up to 459 days.
  2. Before day 459 – required reissue
    You must issue a new certificate.
    • The process is free of charge.
    • The identity verification of your organization may be reused if it is still within its validity period.
    • You will be informed by email in advance about the need to perform a reissue, ensuring continuity of software signing.
  3. Issuance of the second certificate
    You receive a new certificate, again valid for up to 459 days.
  4. Before the next expiration
    You perform another reissue to obtain the next certificate.

Result

Through consecutive reissues, you maintain continuous software signing capability for the full 3 years, even though a single certificate cannot be valid longer than 459 days.
Full instructions for performing a reissue are available here.

Use and benefits

Benefits of the EV Code Signing certificate:

  • Protect the good name of the brand and build the company's reputation;
  • Gain the trust of users;
  • Provide reliable identification of the origin of the software;
  • Receive a guarantee of the integrity of your applications;
  • Make the installation of your software easier and ensure that it meets the requirements of the platforms on which it is installed;
  • Add a timestamp, so that after the certificate expires, your application can still be installed without warnings about the lack of a signature.

Compatibility: 

  • Trusted by Microsoft, also for building the reputation of Microsoft SmartScreen Filter and creating an account in Microsoft Windows Hardware Program to sign the drivers;
  • Trusted in Java;
  • Supports signing using tools installed in Linux/Unix and macOS systems;
  • Supports signing a number of file extensions, depending on the tool used, including: .exe, .msi, .dll, .jar, .war, etc. .
Technical requirements

Requirements:

  • proCertum CardManager application
  • Cryptographic card reader
  • Cryptographic card reader drivers
  • Cryptographic card cryptoCertum 3.5 or cryptoCertum 3.6
  • Initialized common card profile

Specification:

  • Data in the certificate: organization data
  • Compliant with the X.509 v.3 (RFC5280) standard
  • Minimum length of cryptographic keys: RSA 3072 bit
  • Key storage: CC EAL6+
  • Issued in accordance with the international WebTrustSM/TM standard and CA/Browser Forum
Verification

The verification process and documents required to issue a certificate are described in the instructions at: https://support.certum.eu/en/code-signing-required-documents/

To Top