Code Signing

Authenticity and assurance in a signature: guarantee the integrity and security of your software components

Code signing: the security of digital signatures applied to software components

Code Signing Certificates let you add a digital signature to a wide range of executable software components, to guarantee their authorship, integrity and ensure the source code has not been tampered with.

The certification process inextricably links the identity of an IT organisation to a key pair: the private key, used by the developer or distributor to sign the code, and the public key, which allows the end user to verify the identity of the signatory (and so the reliability of the software component).

This is an essential security measure for any organisation that needs to protect the software components they develop and distribute from the risk of malware.

Learn more about our solutions

Actalis code signing certificates for business: key benefits

By digitally signing files containing executable code, companies can both protect and optimise their work while fostering a relationship of trust with customers. What’s more, they can protect their brand from any damage to their reputation caused by malware.

Some of the benefits of using a code signing certificate:

Authenticity and reliability

Certify the identity of the organisation developing and distributing software.

Integrity of the components

Make sure that the code has not been accidentally or maliciously altered after signing.

Download and installation

Processes are faster and more secure, as interruptions are reduced and the end users' devices are protected.

Avoid error notifications

Reduce the number of security alerts, replacing them with messages containing information about the software publisher.

Actalis solutions for code signing certificates

Our code signing certificates comply with the requirements of the CAB Forum, the association that brings together the main Certification Authorities around the world.

Centralised certificates with Enterprise RA and API

Thanks to the Enterprise RA web application and its APIs, companies can deliver code signing certificates for themselves. What’s more, they can keep track of the lifecycle of the issued certificates at any time, managing renewals and revocations.

Comprehensive management of certificates with API partners

Partners and resellers have access to simple APIs to manage applications for the entire lifecycle of code signing certificates, using a set of integrated web services.

Best practices for using code signing certificates

To manage the code signing process correctly and securely, we recommend following the guidelines below.

Restrict access to private keys

Only let a small group of authorised personnel access the PCs used for the code signing process.

Authenticate the code before signing it

Keep track of all code signing operations and prevent unapproved or malicious code from being signed.

Protect private keys using encryption hardware devices

Prevent attacks by storing your keys with security-compliant tools (such as a smart card or USB token).

Scan for viruses before signing the code

Make sure any third-party libraries and code you're about to sign do not contain viruses.

Always add a timestamp to the signed code

This will validate the signed code even after the code signing certificate has expired or been revoked.

Reduce risk with multiple certificates

Avoid signing all your software with the same certificate, use different ones and change your keys frequently.

Use test certificates to sign code that has not yet been issued

When carrying out tests, choose different keys from those used in the production environment.

Revoke compromised certificates

If your private key is compromised, revoke it and contact Actalis.

How to request and install your Code Signing certificate

Contact our technical experts

Code Signing solutions are just one element of complex IT projects. We can provide all the technological tools and experience needed to help companies design and implement custom solutions at scale.

get in touch today