





At SignMyCode, we understand the importance of streamlined and secure code signing certificate delivery. Our certificate delivery methods have been updated to ensure compliance with the latest standards.
This article pertains to Code Signing certificates acquired after May 14, 2023.
All Code Signing certificates now require installation on physical hardware tokens.
For Individual Code Signing(IV), Organization Validation (OV) or Extended Validation (EV) Code Signing certificates, we offer two options:
Note: Currently, the supported hardware includes:
When purchasing your code signing certificate from us, selecting the appropriate Code Signing Certificate Delivery Method that suits your needs is essential.
Please carefully consider your choice before finalizing the purchase, as the delivery method cannot be modified later.
Recommended: CA/B Forum Baseline Requirements v2.8 for Code Signing Certificates
We offer four convenient delivery methods for your certificate, ensuring flexibility and reliability. Below are the available options:
If you are an advanced user and already possess a compatible Hardware Security Module (HSM), you can choose the Install on Existing HSM method.
This option grants you the flexibility to install the code signing certificate on your own device. It is crucial to note that your HSM must meet at least the FIPS 140-2 level 2 standard. We recommend this option for experienced users who are well-versed in HSM technology.
YubiKey FIPS Series and Luna.
If you already own a compatible Hardware Security Module (HSM) device such as the YubiKey FIPS Series or Luna (please refer to the version supported by Sectigo), you can choose the “Use Existing Token” method. This option allows you to use your HSM device for code signing, ensuring convenience and familiarity.
If you prefer to have a new Hardware Security Module (HSM) device shipped to a US address, you can select the “Token & US Shipping” method. SignMyCode will provide you with a new HSM from Sectigo(Formerly Comodo), DigiCert and Certera, ensuring compatibility and optimal performance. The shipping service will deliver the HSM device directly to your specified US address.
Also, for a convenient and hassle-free experience, you can pick the Token + Shipping process. This option allows you to order a pre-configured token directly from the Certificate Authority. The cost of the hardware and shipping fees will be included in the overall purchase price. This option is recommended for most users.
We offer the “Token & International Shipping” method for customers outside the United States. With this option, you can have a new Hardware Security Module (HSM) device from Sectigo (Formerly Comodo) or Certera shipped to your international address. This ensures that you can securely sign your code regardless of your location.
If you require urgent delivery of a new Hardware Security Module (HSM) device, you can select the “Token & Expedited Shipping” method.
This ensures that your new HSM device from Sectigo or Certera CA will be delivered to your US address the next day, guaranteeing minimal downtime and uninterrupted code signing operations.
If you opt for Sectigo Code Signing certificates, you must provide an Attestation bundle from your HSM during the certificate order generation process.
The following HSM brands are supported for Sectigo Code Signing certificates:
That’s all about Sectigo ( Formerly Comodo) and Certera Sub CA. Now Let’s understand the delivery modes of DigiCert CA.
DigiCert CA ensures a smooth and secure code signing certificate delivery process offering various delivery options to cater to your specific needs. Here are the available delivery methods:
If you prefer to receive a new hardware token along with your code signing certificate, you can select the “Token & Standard Shipping” option. Using standard shipping services, they will ship the hardware token to your specified address US or International. This ensures that you have a dedicated token for securely signing your code. For Further Process, you need to follow instructions provided by DigiCert.
For customers who already possess a compatible hardware token get the “Use Existing Token” option. By selecting this method, you can utilize your token (SafeNet 5110 CC, SafeNet 5110 FIPS, or SafeNet 5110+ FIPS) for code signing. Also, You needs to use “DigiCert Hardware Certificate Installer” for installation process.
If you have a compatible Hardware Security Module (HSM) and prefer to install the code signing certificate on your existing device, you can choose the “Install on Existing HSM” method.
For this a CSR needs to be generated and submitted by client which must be generated from token or from vault they are going to use like Azure KeyVault, Yubikey, etc.
Generate CSR and Key Attestation Using Luna Network HSM?
Generate Private Key and CSR Attestation with YubiKey Manager
Create Private Keys, CSR, and Import Code Signing Certificate in Azure KeyVault HSM?
This option allows you to leverage the capabilities of your HSM for code signing. It is suitable for advanced users familiar with HSM technology and with the necessary infrastructure.
By providing these delivery options, DigiCert CA ensures that you have the flexibility to choose the most suitable method for your code signing certificate. You are covered whether you prefer a new hardware token, want to use your existing token or install the certificate on your HSM.
Select the appropriate delivery method that aligns with your requirements and enjoy a streamlined and secure code signing process with DigiCert CA.
For DigiCert Code Signing Certificates, you can install them on an existing SafeNet USB device.
The following SafeNet series are supported:
Recommended: How to Set Up Your DigiCert-Provided eToken?
Once your purchase is completed, the certificate delivery method cannot be changed. However, if you realize you selected an incorrect delivery method, you can cancel your order through your account dashboard.
Following the cancellation, you can proceed to purchase another certificate with your preferred delivery method selected.
We constantly strive to provide an effortless code signing certificate experience.
By offering multiple delivery options and ensuring compliance with the latest security standards, we aim to simplify the process for our valued customers.
Choose the right delivery method for your needs and enjoy the benefits of secure and reliable code signing.
Hassle-Free Token Based Code Signing Certs
Buy Code Signing Certificate with FIPS 140 Level 2, Common Criteria EAL 4+ or equivalent Hardware Tokens from SignMyCode at Affordable Prices Starts at $199.99/yr.