Code Signing Certificates
Prove your software is legitimate with a digital signature.
- Pricing
- FAQs
Authenticate your code and protect your intellectual property
With public concern for online security at an all-time high, people are no longer willing to download software without proof that it's legitimate. With a Code Signing Certificate, software developers and other content publishers can 'sign' their code, thereby reassuring customers it's the real thing.
Digital signature validates the code
Code signing adds a digital signature to the software's executable code, validating that the code comes from you. When an end-user attempts to download your content, a dialog box will appear identifying you as the publisher. Any alteration of the original code breaks the digital signature, alerting potential users that the content is not to be trusted.
Supports multiple platforms
Supports Microsoft Authenticode and Java and allows publishers to sign .exe, .cab, .dll, and .ocx files; Java Applets and MIDlets; Microsoft® Office documents with macros; and other types of files that support digital signatures. Code Signing Certificates are perfect for software publishers and content providers of ActiveX controls, dynamic link libraries (.dll files), .cab files, HTML content or any other software distributed over the Internet or via an extranet. The provided time-stamp service allows distribution of signed code beyond certificate expiration.
Protects your reputation
A Code Signing Certificate is essential for any commercial or open source provider who distributes code or content over the Internet or via an extranet. It's also necessary for publishers wishing to protect their reputations by making it impossible for impersonators to successfully tamper with their trusted products. Go Daddy Code Signing Certificates are fully integrated with Industry-Standard technology and are available only to legally registered companies with a registered status of 'Good Standing', 'Active' or equivalent. Registration is confirmed with the appropriate government agency before issuing the Code Signing Certificate.
What is a code signing certificate?
With increasingly active content on the Internet, end users require a method of verifying the legitimacy of downloadable Web content.
Code signing is a digital signature placed on software and other executable files and scripts. Code signatures prove the identity of software authors and validates that the software hasn't been tampered with since its original distribution.
Code signs don't alter the software – it's just an added layer of assurance for your end users.
When software is purchased from a store, it's easy to tell who published the software – and if the package was tampered with. Unfortunately, these factors aren't as obvious when software is purchased online. As a result, end users take on a certain amount of risk when downloading Java applets, plugins, Microsoft® ActiveX® controls, and other executables over the Internet.
Code signing certificates help inspire the same level of trust in your software that customers would have if they purchased your software in a store.
Improve your software security with a digital signature. Inspire user confidence by authenticating the source and integrity of your code with a Go Daddy Code Signing Certificate.
For more information, see our Code Signing Certificate product support page.
Who needs a code signing certificate?
Online security vigilance is at an all-time high. Most Web users won't download software unless you can prove it's legitimate. Code signing certificates inspire confidence and give you the proof you need to validate your code.
Software developers can use code signing certificates to provide extra assurance to their customers about who produced the content and that it's not tampered with. Signed code also prevents unidentified third parties from altering the code before it's distributed.
Content publishers can digitally sign software components, macros, firmware images, virus updates, configuration files or other types of content for secure delivery over the Internet or other mechanisms.
Code signing is particularly important when the source of a given piece of code might not be obvious – for example Active X controls, Java applets, and other active Web scripting codes.
Most Web users understand the potential risks involved with downloading content from the Internet. It's important your end users can trust the code you publish on the Internet. Code signing certificates help confirm software security and assurance with your customers.
For more information, see our Code Signing Frequently Asked Questions.
How does code signing work?
Newer operating systems and Internet browsers are often set to higher online security levels, which often require signed content. For example, Internet Explorer® uses Authenticode® technology to identify the publisher of signed software and verify that it hasn't been tampered with.
When a code signed file is downloaded from a website, the certificate is extracted from the file. The browser cross-checks this information with an internal list of certificate authorities, and then verifies the signature in the certificate.
If the signed software is tampered with in any way, the digital signature breaks and alerts customers that the code has been altered and is not trustworthy.
For more information, see Using Your Code Signing Certificate.
How does someone know they can trust my signature?
When someone attempts to download or run unsigned code, their browser attempts to validate the security of the downloaded content. A security warning pops up or the Web page content fails to load, depending on the browser security settings. These warnings create suspicion and confusion for the user.
Digitally signing code prevents unnecessary warning dialogues when end users attempt to run the signed application or executable file.
After I purchase a Code Signing Certificate, what do I need to do?
After you purchase a code signing certificate, you need to provide a certificate signing request (CSR) from the computer that is signing the code. Depending on the use of the certificate, you can create the CSR automatically, or you can use a tool like OpenSSL to generate the CSR.
After you submit your request, we verify the company information you supplied. The Registration Authority (RA) might contact you to provide additional information, if required. You can monitor the validation process through your account.
Once the code signing certificate is issued, we'll send you an email with a link to download and install the certificate file and any associated intermediate certificates.
You can even time-stamp your signature block using Authenticode to show the validity of your certificate at the time the code was signed.
For more information, see Requesting a Code Signing Certificate.
Support
Receive support and exchange ideas. Join the product group of your choice on Go Daddy Support to:
- Get direct access to info and news that interests you
- Interact with other members
- Gain access to new features
- Check out beta releases
- Find discount codes
- Participate in polls and much more
Our expert sales and support staff are available 24/7.
- Technical support and sales: (480) 505-8877 FASTEST! Expected Wait Time: 1 minute
- Email support: Access Email Support System
Third-party logos and marks are registered trademarks of their respective owners. All rights reserved.
