Code Signing

Authenticity and assurance in a signature: guarantee the integrity and security of your software components

Code signing: the security of digital signatures applied to software components

Code Signing Certificates let you add a digital signature to a wide range of executable software components, to guarantee their authorship, integrity and ensure the source code has not been tampered with.

The certification process inextricably links the identity of an IT organisation to a key pair: the private key, used by the developer or distributor to sign the code, and the public key, which allows the end user to verify the identity of the signatory (and so the reliability of the software component).

This is an essential security measure for any organisation that needs to protect the software components they develop and distribute from the risk of malware.

Learn more about our solutions

Actalis code signing certificates for business: key benefits

By digitally signing files containing executable code, companies can both protect and optimise their work while fostering a relationship of trust with customers. What’s more, they can protect their brand from any damage to their reputation caused by malware.

Some of the benefits of using a code signing certificate:

Authenticity and reliability


Certify the identity of the organisation developing and distributing software.

Integrity of the components


Make sure that the code has not been accidentally or maliciously altered after signing.

Download and installation


Processes are faster and more secure, as interruptions are reduced and the end users' devices are protected.

Avoid error notifications


Reduce the number of security alerts, replacing them with messages containing information about the software publisher.

Actalis solutions for code signing certificates

Our code signing certificates comply with the requirements of the CAB Forum, the association that brings together the main Certification Authorities around the world.

Centralised certificates with Enterprise RA and API


Thanks to the Enterprise RA web application and its APIs, companies can deliver code signing certificates for themselves. What’s more, they can keep track of the lifecycle of the issued certificates at any time, managing renewals and revocations.

Comprehensive management of certificates with API partners


Partners and resellers have access to simple APIs to manage applications for the entire lifecycle of code signing certificates, using a set of integrated web services.

Best practices for using code signing certificates

To manage the code signing process correctly and securely, we recommend following the guidelines below.

Restrict access to private keys


Only let a small group of authorised personnel access the PCs used for the code signing process.

Authenticate the code before signing it


Keep track of all code signing operations and prevent unapproved or malicious code from being signed.

Protect private keys using encryption hardware devices


Prevent attacks by storing your keys with security-compliant tools (such as a smart card or USB token).

Scan for viruses before signing the code


Make sure any third-party libraries and code you're about to sign do not contain viruses.

Always add a timestamp to the signed code


This will validate the signed code even after the code signing certificate has expired or been revoked.

Reduce risk with multiple certificates


Avoid signing all your software with the same certificate, use different ones and change your keys frequently.

Use test certificates to sign code that has not yet been issued


When carrying out tests, choose different keys from those used in the production environment.

Revoke compromised certificates


If your private key is compromised, revoke it and contact Actalis.


How to request and install your Code Signing certificate

Contact our technical experts

Code Signing solutions are just one element of complex IT projects. We can provide all the technological tools and experience needed to help companies design and implement custom solutions at scale.

get in touch today