Certificate auto-issuance
When your private key is stored on an HSM, DigiCert® must confirm the device meets CA/B guidelines. These guidelines require an FIPS 140-2 or EAL4+ compliant HSM. DigiCert® must perform this check even when you use their own compliant HSM.
DigiCert® sends an HSM confirmation email for every publicly trusted code signing certificate that you request. Your certificate can't be issued if you don't complete this HSM confirmation. Delays in the issuance of your certificate may occur if the recipient of the email fails to click on the link and complete the confirmation process.
참고
The subject line of the HSM confirmation email is:
[Action Required] Private key protection requirements for your code signing (order #)
HSM agreement exemption
Provide a Code Signing Audit Letter for each organization in your account to be exempted from the HSM confirmation email process. The exemption ensures that your certificate auto-issues without unnecessary delays.
Exemption validity
The HSM agreement exemption is valid for:
Certificate type | Validity |
|---|---|
Code signing | 825 days |
EV code signing | 13 months |
Request exemption
Contact DigiCert Support.
Request a PDF copy of the Code Signing Audit Letter.
Complete the form.
작은 정보
Regarding Question 4, your private key is stored in DigiCert® Software Trust Manager's HSM, which is FIPS 140-2 level 3 compliant.
Send the completed Code Signing Audit Letter to DigiCert Support.