Documentation
  • Change log
  • Developers
  • English Deutsch Español Français Italiano 日本語 한국어 Português Русский 中文(简体) 中文(繁體)
  • Live Chat
    Talk to a support representative
    Chat now
    Americas
    1.800.896.7973 (Toll Free US and Canada) 1.801.701.9600 1.877.438.8776 (Sales Only)
    Asia Pacific, Japan
    +61.3.9674.5500
    Europe, Middle East Africa
    +44.203.788.7741
    Email sales Email support
  1. Documentation
  2. Manage certificates
  3. Code signing certificates
  • Get started
    • Set up your CertCentral account
  • Manage certificates
    • Client Certificates Guide
      • Order your client certificate
      • Reissue your client certificate
      • Renew your client certificate
      • Cancel pending client certificate orders
      • Cancel pending client certificate reissues
      • Client certificate revocation process
        • Revoke a client certificate
        • Approve client certificate revocation request (Admin)
      • Resend the email validation for DigiCert client certificate email
      • Resend the "Create Your DigiCert Client Certificate" email
      • Turn on client certificate renewal notifications
      • Configure the client certificate approval process
      • Generate your client certificate
      • Configure Outlook to use your Email Security Plus Personal ID Certificate
    • SAML Admin Certificate Requests Guide
      • SAML Certificate Requests prerequisites
      • SAML Certificate Requests service workflow
      • SAML request a certificate workflow
      • Configure SAML Certificate Requests
      • Turn off SAML Certificate Requests
      • Restore access to SAML Certificate Requests accounts
      • SAML: Request a client certificate
      • SAML: Generate your client certificate
      • SAML: Download a copy of your client certificate
      • SAML: Submit a request to revoke a client certificate
      • SAML: Resend the Create Your DigiCert Client Certificate email
      • Allow Access to SAML Settings
        • Add a manager with the SAML permission
        • Edit a manager account and assign them the SAML permission
    • Secure Site certificate benefits
      • Access Secure Site priority support
      • Access Secure Site site seals
      • Access Secure Site malware check
    • Revoke an issued SSL/TLS certificate
      • Submit a request to revoke an SSL/TLS certificate
      • Submit a request to revoke a single certificate on an order
      • Approve (or reject) a certificate revocation request
    • Get a copy of your TLS/SSL certificate
      • Download a TLS/SSL certificate from your CertCentral account
      • Email a TLS/SSL certificate from your CertCentral account
    • Add or replace the CSR on a pending certificate order
    • Order your SSL/TLS certificates
      • Order an OV single or multi-domain SSL/TLS certificate
      • Order an EV single or multi-domain SSL/TLS certificate
      • Order an OV wildcard SSL/TLS certificate
    • Organization and domain management
      • Validation process
      • Organization validation
      • TLS certificate organization validation process
      • Domain validation
      • Manage organizations
        • Add an organization
        • Submit an organization for pre-validation
        • Enable adding non-CertCentral account users as verified contacts
        • Edit organization details
        • Replace the organization contact
        • Replace the technical contact
      • Manage domains
        • Supported domain control validation (DCV) methods for domain prevalidation
        • Hide alternative domain control validation (DCV) methods
        • Add a domain, authorize the domain for certificates, and use verification email as the DCV method
        • Add a domain, authorize the domain for certificates, and use DNS CNAME record as the DCV method
        • Add a domain, authorize the domain for certificates, and use DNS TXT as the validation method
        • Add a domain, authorize the domain for certificates, and use HTTP practical demonstration as the validation method
        • Common mistakes: HTTP practical demonstration DCV method
        • Change a domain's domain control validation (DCV) method
        • Domain prevalidation: Revalidate your domain before validation expires
          • Domain prevalidation: Bulk domain revalidation
      • DNS CAA resource record check
      • Domain locking
    • Manage certificate request approvals
      • Approve a certificate request
      • Remove the approval step from the certificate order process
      • Enable automatic certificate request approvals
    • Grant a Limited user access to a certificate order
    • Automatic certificate renewal
      • Turn on automatic certificate renewals
      • Turn off automatic certificate renewals
      • Set default user for Auto-Renew certificate orders
      • Turning on Automatic Renewals for a Certificate
        • Client Certificate: Turn on Automatic Renewals
        • Code Signing Certificate: Turn on Automatic Renewals
      • Turning Off Automatic Renewals for a Certificate
        • Client Certificate: Turn off Automatic Renewals
        • Code Signing Certificate: Turn Off Automatic Renewals
    • Individual Certificate Renewal Notifications
      • Turn Off Renewal Notifications for a Certificate Order
      • Turn on Renewal Notifications for a Certificate Order
    • Basic and Business SSL/TLS Certificate Enrollment
    • Supported DCV methods for validating the domains on OV/EV TLS/SSL certificate orders
      • Use the Email DCV method to verify domain control
      • Use the DNS CNAME validation method to verify domain control
      • Use the DNS TXT validation method to verify domain control
      • Use the HTTP Practical Demonstration validation method to verify domain control
      • Common mistakes: HTTP Practical Demonstration DCV method
    • Cancel a certificate order
    • Choose the language preference for your account
    • Logging Public SSL/TLS Certificates in to Public CT Logs
      • Will DigiCert log all certificates to public CT Logs?
      • When and when not to log Public SSL/TLS Certificates
      • Keeping SSL/TLS Certificates Out of Public CT Logs
      • Methods for Keeping SSL/TLS Certificates Out of CT Logs
      • Allow users to keep certificates out of CT logs
        • CT Logging Certificate detail added
        • Enable the CT Log exclusion feature on your account
        • See if a Certificate Was Logged to CT Logs
      • Turn off CT logging for your account
      • Check if CT logging is disabled for your account
      • Add an unlogged SSL/TLS certificate to public CT logs
    • DV TLS/SSL Certificate enrollment
      • Order DV TLS/SSL certificates
        • Order a GeoTrust DV SSL Certificate
        • Order a RapidSSL Standard DV certificate
        • Order a RapidSSL Wildcard DV Certificate
        • Order a GeoTrust Standard DV Certificate
        • Order a GeoTrust Wildcard DV Certificate
        • Order a GeoTrust Cloud DV Certificate
      • Canceling a DV Certificate Order
      • Domain Control Validation (DCV) methods
        • Use the Email DCV method
        • Use the DNS TXT DCV method
        • Use the DNS CNAME DCV method
        • Use the HTTP Practical Demonstration (File) DCV method
        • HTTP Practical Demonstration DCV method common mistakes
      • Accessing a DV Certificate
        • Download a DV Certificate
        • Email a DV Certificate from Your CertCentral Account
      • Reissuing DV Certificates
        • Reissue a RapidSSL Standard DV Certificate
        • Reissue a RapidSSL Wildcard DV Certificate
        • Reissue a GeoTrust Standard DV Certificate
        • Reissue a GeoTrust Wildcard DV Certificate
        • Reissue a GeoTrust Cloud DV Certificate
      • Canceling pending reissues on DV Certificates
      • Renewing DV Certificates
        • Renew a RapidSSL Standard DV Certificate
        • Renew a RapidSSL Wildcard DV Certificate
        • Renew a GeoTrust Standard DV Certificate
        • Renew a GeoTrust Wildcard DV Certificate
        • Renew a GeoTrust Cloud DV Certificate
      • Revoke an Issued DV Certificate
        • Submit a Request to Revoke a DV Certificate
        • Approve (or Reject) a Certificate Revocation Request
    • Public certificates – Data entries that violate industry standards
    • Certificate profile options
      • Get your Signed HTTP Exchanges certificate
      • Holen Sie sich Ihr Signed-HTTP-Exchange-Zertifikat
      • Demande de certificat Signed HTTP Exchange
      • SXG (Signed HTTP Exchanges)証明書を取得する
    • Renew an SSL/TLS certificate
    • Code signing certificates
      • Protect private keys
      • Order a Code Signing certificate
      • Order an EV Code Signing certificate
      • Reissue your Code Signing certificate
      • Reissue an EV Code Signing certificate
      • Renew a Code Signing certificate
      • Resend "Create Your DigiCert Code Signing Certificate" email
      • Download a code signing certificate
    • Document signing certificates
      • Renew a document signing certificate
    • Reissue an SSL/TLS certificate
      • Add SANs to your multi-domain SSL/TLS certificate
    • Duplicate an SSL/TLS certificate
      • Flex certificates: Duplicate an SSL/TLS certificate
    • Retiring underscores in domain names
    • DNS CAA resource record check
    • EV certificate countries
    • Flex certificates
    • Vouchers
    • Automatic domain control validation checks
    • Mark a migrated certificate order as renewed
    • Multi-year Plans
    • End of 2-Year DV, OV, and EV public SSL/TLS certificates
    • ICA certificate chain selection feature for public TLS certificates
      • Configure the ICA certificate chain feature for your public TLS certificates
    • Setting the "validTo" time on certificates
    • DigiCert site seals
      • Configure your DigiCert Smart Seal or Norton seal
      • Configure your DigiCert brand site seal
      • Install your DigiCert site seal
      • Troubleshooting: Site seal installation
    • Report Library
      • Build and edit an Audit log report
      • Build and edit a Balance history report
      • Build and edit a Domains report
      • Build and edit an FQDN report
      • Build and edit an Orders report
      • Build and edit an Organizations report
      • Downloading and viewing reports in the Report Library
      • What are the most useful types of reports I can generate?
      • What are some common reports and how do I generate them?
      • Troubleshooting reports
    • Review all OV domains affected by the reduced 397-day validity period
    • Verified Mark Certificate (VMC)
  • Certificate tools
    • Discovery cloud scan service
      • Run a single cloud scan
    • Discovery user guide
      • Discovery prerequisites
      • Discovery workflow and permissions
      • Sensor installation requirements
      • Install a sensor
        • Linux: Install a sensor
        • Microsoft Windows: Install a sensor
        • Docker: Install a sensor
        • Kubernetes: Install a sensor
      • Sensor file structure
      • Configure a sensor to use a proxy server for communications
        • Change sensor proxy settings
        • Retrieve sensor proxy settings
      • Activate a sensor
        • Linux: Activate a sensor
        • Microsoft Windows: Activate or start a sensor
        • Docker: Activate or start a sensor
      • Stop a sensor
        • Linux: Stop a sensor
        • Windows: Stop a sensor
        • Docker: Stop a sensor
      • Update a sensor
        • Windows and Linux: Update a sensor
        • Docker: Update a sensor
        • Kubernetes: Update a sensor
      • Restart a sensor
        • Linux: Restart a sensor
        • Microsoft Windows: Restart a sensor
        • Docker: Restart a sensor
      • Suspend a sensor
      • Void a sensor
      • Uninstall a sensor
        • Linux: Uninstall a sensor
        • Windows: Uninstall a sensor
        • Docker: Uninstall a sensor
        • Kubernetes: Uninstall a sensor
      • Rename the sensor
      • Set up and run a scan
      • Edit a scan
      • Sensor troubleshooting
      • Add public and private root and intermediate CAs
      • Blocklist IP addresses and FQDNs
      • Manually upload certificates
      • Delete all scan records from scan results
      • Discovery renewal notices
        • Enable Discovery renewal notifications
        • Disable Discovery renewal notifications
        • Renewal notification per discovered certificate
        • Enable renewal notices for a discovered certificate
        • Disable renewal notices for a discovered certificate
      • TLS/SSL certificate vulnerabilities
        • Certificate name mismatch
        • Internal names
        • Missing or misconfigured fields and values
        • SHA-1 hashing algorithm
        • Weak hashing algorithm
        • Weak keys
      • TLS/SSL endpoint vulnerabilities
        • BEAST
        • BREACH
        • CRIME
        • FREAK
        • Heartbleed bug
        • Logjam attack
        • RC4 cipher enabled
        • DROWN
        • POODLE (SSLv3)
        • Sweet32
        • POODLE (TLS)
        • Cross-site scripting (XSS)
        • SQL injection
        • Cross-domain policy
        • CSRF
      • Supported endpoint configuration
      • Replace a certificate
      • SSH keys
    • Certificate lifecycle automation guides
      • Automation service overview
        • Automation actions
        • Deployment options
        • CertCentral automation menus
        • Automation workflows
      • CertCentral managed automation user guide
        • Get started with automation
        • Managed automation workflow
        • Set up ACME agent-based automation for hosts
          • System and network requirements
          • Install and activate an ACME automation agent
          • Configure an ACME automation agent
          • Use a proxy or sensor with host automations
          • Set up a custom application for managed automation
          • Next steps
        • Set up sensor-based automation for network appliances
          • High availability on F5 BIG-IP load balancer
          • Configure your sensor for agentless automation
          • Configure sensor (agentless) automation settings using a file
          • Verify sensor (agentless) automation configuration
        • Automation profiles
          • Create an automation profile
          • Edit automation profile settings
          • Manage default automation profiles
          • Fix an incomplete automation profile
        • Schedule an automation event
        • Configure automatic renewal of automation profiles and certificates
        • Request duplicate certificate
        • Certificates eligible for retry
        • Common Name (CN) for a wildcard certificate
        • Manage blocked agent ports
        • Create a DNS integration to automate DV certificates on load balancers
        • DNS integration CLI commands
        • Discovery service integration with automation workflows
        • Automation: Known issues
      • Manual ACME automation integration user guide
        • ACME Directory URLs for Signed HTTP Exchange certificates
        • Troubleshooting: ACME clients
        • ACME: Known issues
    • Post-Quantum Cryptography
      • PQC toolkit setup guide
      • PQC dockerized toolkit guide
    • Azure Key Vault integration guide
      • Order an SSL/TLS certificate from Key Vault account
    • CT log monitoring service
      • Enable CT log monitoring
      • Disable CT log monitoring
      • Disable CT log monitoring urgent notification
      • Enable CT log monitoring urgent notification
    • Vulnerability assessment service
      • Enable the vulnerability assessment service
      • Disable the vulnerability assessment service
      • Configure the vulnerability assessment service email notifications
  • Manage account
    • SAML Admin Single Sign-On Guide
      • SAML Single Sign-on prerequisites
      • SAML service workflow
      • Configure SAML Single Sign-On
      • Turn off SAML Single Sign-on
      • Restore SAML Single Sign-on for CertCentral accounts
      • Allow access to SAML Settings permission
        • Add a manager with the SAML permission
        • Edit a manager account and assign them the SAML permission
      • Managing SAML Single Sign-on (SSO) users
        • Administrators and managers: SAML SSO-only versus SAML SSO account
        • SAML SSO account users versus SAML SSO-only users
        • Difference when converting SAML SSO-only and SAML SSO account users
        • Add a SAML SSO-only or a SAML SSO account user
        • Convert a SAML SSO-only or SAML SSO account user
        • SAML SSO: Invite users to join your account
    • Unlock a "locked" CertCentral account
    • Add a credit card to your CertCentral user account
      • Deactivate an account credit card
    • Set up account credit
    • Generate certificate price quotes in CertCentral
    • Add a new user to your CertCentral account
      • Resend the "DigiCert User Account Created – Action Required" email
      • User roles in your CertCentral account
    • CertCentral user roles and account access
      • Unrestricted versus restricted
      • Roles and account access
      • Subroles
    • Manage users
      • Add a user to your CertCentral account
      • Resend the create account instructions to a new user
      • Invite users to join your CertCentral account
      • Create your user account
      • Approve a new user's account
      • Unlock a locked account
    • Division management
      • Create a division
    • Customize your certificate request forms
      • Manage custom order form fields
        • Custom order forms fields features
        • Add a custom field to your request forms
        • Deactivate a custom order form field
        • Activate a custom order form field
        • Pending requests: Finish required and optional custom fields
        • Use your custom fields to search for specific orders
      • Limit who can add new organizations from request forms
      • Limit who can add new contacts from request forms
    • Manage Guest URLs
      • Create a Guest URL
      • Send a Guest URL to non-CertCentral account holders
      • Edit a Guest URL
      • Delete a Guest URL
      • View Guest URLs
    • CertCentral notifications
      • Add emergency contacts to your account
      • Set up account notification recipients
      • Certificate renewal notifications
        • Configure renewal notifications
        • Configure escalation renewal notifications
      • Configure certificate lifecycle recipient settings
      • Set the language for CertCentral email notifications
      • Customize email templates
    • Configure Private SSL certificate products
    • CertCentral account balance and PO process changes
    • DigiCert 2021 maintenance schedule
    • Subaccount management
      • Create and configure a subaccount
      • Managed subaccounts
      • Subaccount orders
      • Send subaccount invitations
      • Commissions
      • Configure bill-to-parent subaccount spending limits
    • DigiCert CertCentral Support Plans
    • CertCentral two-factor authentication
      • CertCentral two-factor authentication account configurations
      • Turn on two-factor authentication
      • Turn off two-factor authentication
      • Configure two-factor authentication requirements for your account
      • Enable 30-day computer verification for OTP app authentication
      • Set up the second factor of your two-factor authentication
        • Generate your client certificate
        • Set up your OTP app or device
        • Reset a client certificate or OTP app or device
    • Guest access
    • DigiCert 2022 maintenance schedule
      • DigiCert 2022年 メンテナンススケジュール
    • Add approved user email domains
  • Upgrade to CertCentral
    • Upgrade from QuoVadis to CertCentral
      • Get started
      • Validation, discovery, and reporting
      • Support and training
      • Common tasks
      • Order from a guest URL
  • Change log

Code signing certificates

Documentation for managing your Code Signing and EV Code Signing certificates throughout their lifecycle (order, rekey/reissue, renew, etc.):

Related topics:

  • Protect private keys
  • Order a Code Signing certificate
  • Order an EV Code Signing certificate
  • Reissue your Code Signing certificate
  • Reissue an EV Code Signing certificate
  • Renew a Code Signing certificate
  • Resend "Create Your DigiCert Code Signing Certificate" email
  • Download a code signing certificate

About

DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.

  • Resources
    • Support
    • Tools
    • Blog
    • FAQs
  • Company
    • About Us
    • Newsroom
    • Contact Us
  • Legal
    • Terms of Use
    • Privacy Policy
    • Legal Repository
    • WebTrust Audits

This site uses cookies and other tracking technologies to assist with navigation and your ability to provide feedback, analyze your use of our products and services, assist with our promotional and marketing efforts, and provide content from third parties. Read our Cookie Policy and Privacy Policy to learn more.