Signature metadata preferences
These settings provide flexibility and customization options when signing code or files. Depending on your security and verification requirements, you can enable or disable these options as needed to meet your specific needs.
Sign in to DigiCert ONE.
Select the Manager menu (top right) > Software Trust.
Navigate to: Account > Account settings.
Select the edit icon.
Scroll down to Signature metadata.
You can edit the following account settings related to releases:
Field
Description
All
Select this checkbox to include all the metadata below when signing.
Checksum after signature
Enabling this option generates and stores a checksum (a hash value) of the signed file after the code signing process. The checksum provides a way to verify the integrity of the file after it has been signed.
Checksum before signature
Enabling this option generates and stores a checksum before the code signing process. It can serve as a baseline for verifying the file's integrity before it was signed.
Digest algorithm
Enabling this option specifies the cryptographic hash algorithm used to create the hash value (checksum) for the file.
File location
Enabling this option includes the specific the location or path where the signed file should be saved after the code signing process is completed.
File name
Enabling this option allows you to configure the name of the signed file to determines what the signed file will be named once the signing process is done.
Signing tool
Enabling this option includes information about the tool or software used for code signing. It may include details about the version of the signing tool, its issuer, or other relevant information.
Timestamp
Enabling this option includes a timestamp in the digital signature. The timestamp indicates when the signature was applied to the file. It helps ensure the validity of the signature even if the certificate used for signing expires.
Timestamp URL
Enabling timestamping allows you to specify the URL of the timestamping authority or service that provides the timestamp. Timestamps are used to prove that the signature was applied at a particular time, which is important for long-term verification.
Dica
DigiCert timestamp URL is:
http://timestamp.digicert.com
Select Update settings.