Code Signing Certificates

Code signing is a way of ensuring that the code you get comes from who you expect and that it has not been altered. The code is digitally signed using a cryptographic hash. There are two common ways to sign code: you can use a CA (Certificate Authority), or the developer can use their own system for generating keys. The fact that code is signed and comes from who you expect does not mean that the code is safe. It simply means you are getting what you expected to get, from who you expected to get it from. The code may still have bugs in it, and a careless developer may have inadvertently allowed a virus into his code.
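The sign-then-verify flow described above, as an added example that is not part of the original page. It assumes the `openssl` command-line tool is installed and uses developer-generated key pairs (no CA); the key names, file names and sample script are constructed for illustration.

```shell
#!/bin/sh
# Added example: sign a file with a developer-generated key, then verify it.
set -eu

make_keys() {    # $1 = working dir, $2 = key name (hypothetical names)
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/$2.key" 2>/dev/null
    openssl pkey -in "$1/$2.key" -pubout -out "$1/$2.pub"
}

sign_file() {    # $1 = private key, $2 = file; writes the signature to $2.sig
    # SHA-256 hash of the file, signed with the private key.
    openssl dgst -sha256 -sign "$1" -out "$2.sig" "$2"
}

verify_file() {  # $1 = public key, $2 = file; prints "valid" or "invalid"
    if openssl dgst -sha256 -verify "$1" -signature "$2.sig" "$2" \
        >/dev/null 2>&1; then
        echo valid
    else
        echo invalid
    fi
}

demo() {
    work=$(mktemp -d)
    # Constructed sample "code" to be signed.
    printf 'echo "hello from release 1.0"\n' > "$work/app.sh"
    make_keys "$work" dev      # the publisher the user expects
    make_keys "$work" other    # some unrelated key pair
    sign_file "$work/dev.key" "$work/app.sh"

    # 1. Unmodified file, expected publisher's public key.
    r1=$(verify_file "$work/dev.pub" "$work/app.sh")
    # 2. Same file checked against a different publisher's key (wrong origin).
    r2=$(verify_file "$work/other.pub" "$work/app.sh")
    # 3. File altered after signing, checked against the expected key.
    printf 'echo "line added after signing"\n' >> "$work/app.sh"
    r3=$(verify_file "$work/dev.pub" "$work/app.sh")

    rm -rf "$work"
    echo "$r1 $r2 $r3"
}

demo
```

A `valid` result only shows that the file matches what the key holder signed; it says nothing about whether the signed code is free of bugs or malware.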

Comodo, Thawte, Verisign, and other CAs provide a way to sign code. The advantages of code signing include fewer security warnings and protecting users from bad files.

Below are some of the types of code that can use a Code Signing Certificate.

  • Microsoft Authenticode (exe, dll, ocx, xpa, xpi, cab, msi)
  • Sun Java (jar)
  • Adobe AIR (air)
  • Adobe Shockwave (shockwave files)
  • Mac (desktop apps)
  • Microsoft Office VBA (scripts for doc, xls, ppt)
  • Windows Mobile (cab)
  • Brew (digital notarization)
