(9 votes, average: 4.89 out of 5)
When it comes to securing software, developers use a Code Signing Certificate. But, the process starts way before the certificate’s installation on the system. When a software developer has to avail of a Software Publisher Certificate, a CSR needs to be submitted to the Certificate Authority.
Without creating the CSR, it’s impossible to even move an inch forward in the process. Traditionally, command line interfaces gets used to create a CSR. But now to save time and effort, numerous tools are present. And one of the most prominent among them is DigiCert Certificate Utility Tool.
It offers a user-friendly interface and even a newbie can understand its procedures.
So, let’s get started with CSR generating using DigiCert Certificate Utility.
Certificate Signing Request is the file required by the Certificate Authority to process the issuance of a Code Signing Request. CSR contains all the relevant information, such as common name, organization name, public key details, and more.
The primary purpose of generating a CSR is to include all the crucial information in a single file, aligning CA/B Forum standards. Further, multiple mechanisms are available to create a CSR, such as through OpenSSL, a compatible web browser, or a utility tool (DigiCert Certificate Utility). And from all three methods, using a utility tool gets considered the easiest due to its graphical interface.
To start the CSR generation process, you must install the DigiCert Certificate Utility Tool on your Windows system. After its installation, execute the following steps in the given sequence.
After the installation of the utility tool, run it on your system. Once it gets opened, you will see that it provides more features than just creating the CSR. Also, its functions are not limited to Code Signing Certificates. And you can also utilize it for SSL/TLS Certificate functionalities.
In the left panel, you will have the SSL, Code Signing, Tools, and Account Options. Further, in the upper right, the tool will list check the signature, create CSR, import, refresh, and other functionalities.
To start with creating CSR, Go to Code Signing in the left panel and it will display all the associated options. Besides it, you will also see available Code Signing Certificates on your machine (if any).
From the Code Signing options in the upper right corner, select the Create CSR option. After clicking on it, you will see the form-type interface, requiring your details as the software publisher/developer.
However, you must check that Certificate Type gets selected as Code Signing instead of SSL. If not, then switch to Code Signing. Moreover, the same information is also gets displayed by the tool.
Now, it’s time to fill in the required information and generate Code Signing Request. And for defining correct information, it’s essential to understand to fill in the form. So, have a look at the below table.
|Data Required||What is it?|
|Common Name||In the common name field, you can enter a name for your code signing certificate to differentiate it from other certificates. For instance, you can set a common name as your name, project name, or any other of your choice.|
|Organization||In this field, provide the organization’s name as per the legal document, such as government registration.|
|Department||For code signing, it’s not necessary. But, here you need to input the name of an organizational unit.|
|City||Type the name of the city, in which your organization has its office. Remember, the address must be similar to the one on government-approved documents.|
|State/Country||Here, enter the state and country according to the organization’s address.|
|Key Size||Select the key size of the private/public key associated. DigiCert utility offers to select from 2048, 3072, and 4096 key sizes. However, you need to select 3072 or above only to align with CA/Browser Forum standards. Otherwise, CA will not issue you a Code Signing Certificate.|
Fill in all the information in the form and click on the Generate button. As a result, the DigiCert utility will open a new dialog box, displaying your CSR (Code Signing Request).
Your CSR will look similar as shown in the below image. Between the BEGIN NEW CERTIFICATE REQUEST and END NEW CERTIFICATE REQUEST is your CSR. You can copy it using the Copy CSR button and even save it through the Save to File button.
The CA will analyze it to validate your legitimacy before issuing the Software Publisher Certificate.
It’s a common question and a myth among various people, that the DigiCert Certificate utility tool is only for DigiCert EV Code Signing Certificate. But, the truth is that you can use the DigiCert utility for any Code Signing certificate from any other Certificate Authority, such as Comodo, Sectigo, and Certera.
The tool will function properly and seamlessly, regardless of the level of the Code Signing Certificate and the CA. In addition, CSR for every CA is the same; therefore, you can use this tool to create CSR within minutes through an easy-to-navigate interface.
Code Signing Certificate is the key requirement of every software developer and publisher. And it makes it crucial to purchase it only from genuine sellers, such as SignMyCode.
SignMyCode is authorized by Sectigo and its purchase procedure is streamlined and secure.
Moreover, it also provides avant-garde services to all its customers, which include:
DigiCert Certificate Utility is a multipurpose tool, that you can use for creating CSR, importing certificates, and much more. And to use its functionalities, you will require a Windows system to install it. Additionally, you should have all the details handy to create the Code Signing Request and apply for certificate issuance within a minimal time.