Requesting a Code Signing Certificate
When you request a code signing certificate in your account, you need to provide a certificate signing request (CSR) from the computer you will use to sign code. Depending on how you plan to use the certificate, you can automatically generate the certificate signing request (CSR) or you can use a tool, such as OpenSSL, to create one. Recent versions of Microsoft® Internet Explorer® and Mozilla Firefox® can automatically generate a CSR for you. However, if you are signing Windows® code, such as .exe or .dll files, we recommend using Internet Explorer for simplicity.
Be sure to request the certificate using the computer and the account (typically Administrator) you will use to sign the code. Requesting the certificate creates a private key on the computer that you must associate with the code signing certificate when you install it.
NOTE: If you're signing Java code, use keytool to generate the CSR. For more information, see Sign Java Code.
To Request a Code Signing Certificate
- Log in to your Account Manager.
- Click SSL Certificates.
- Click Launch for the certificate credit you want to use.
- Click the Credits folder.
- Click Request Certificate for the code signing credit you want to use.
- Enter the requested information.
- Click Next.
- Enter a Certificate Alias.
- Select a method to generate the CSR:
- AUTO — Select this option if you want your browser to use the information in your account to automatically generate and provide the CSR.
- MANUAL — Select this option if you want to manually generate the CSR. After you generate the CSR, paste it into the CSR in the box provided. For more information, see Generating a Certificate Signing Request for Code Signing Certificates.
- Select the Signature algorithm.
- Select the certificate issuing organization. For more information, see What issuing organization is right for my code signing certificate?
- Select that you have read and agree to the terms and conditions of the Code Signing Subscriber Agreement.
- Click Next.
- Verify your information, and then click Submit.
NOTE: If you do not see the credit, refresh your list by clicking Update List in the grey bar.
NOTE: Secure Hash Algorithm (SHA) is used for encryption. Because Microsoft's® Kernel-Mode code signing policy requires digital signatures to use SHA2, you must use it when signing code on a Windows operation system for use on a Windows operating system for Kernel-Mode drivers.
After you submit your request, we must verify your application. You can monitor the progress in your account by clicking on the certificate alias in the Pending Requests folder.
Be sure to check your email for further instructions. Once we issue the certificate, we email you details for downloading it and, if necessary, the intermediate certificates.
For more information, please see the following articles:
Sign Java Code
Converting an Exported PFX Code Signing File to PVK and SPC Files Using Windows
Exporting an Installed Code Signing Certificate from Firefox
What issuing organization is right for my code signing certificate?
Code Signing Microsoft Office Macros and Visual Basic for Applications
Import a Code Signing Certificate into Firefox
Your message was successfully sent.
There was an error in sending your message, please try again.
Have a question about the content of this article?