Code Signing Certificate Verification for Windows, Mac OSX, & Popular Browsers

Verify Code Signing Certificate Installation

Verify Whether the Code Signing Certificate is Applied Correctly

Simply getting a code signing certificate does not complete the job. You should also verify it to ensure that your customers and end-users get the best experience. So after the code signing certificate is installed in the browser, you must ensure its authenticity.

Popularly, developers and development organizations get code signing certificates for their solutions. These certificates help the developers build confidence and trust among the users. As the users are able to verify the identity of the developer, they will engage with the solution with trust and confidence. Any developer will dread the message “Unverified Publisher” popping up when someone is about to install the package they have built. A code signing certificate will remove this warning and also make the solution safer to use for everyone.

How to Verify that the Program or Application is Code Signed?

Most of the certificate authority organizations include a certificate verification tool with the certificate they provide. The tool the CAs provide assists with the signing process and also sending commands for verification. For instance, when the CAs don’t provide a tool or you don’t want to use one, follow these steps.

How to Verify Code Signing Certificate in Internet Explorer?

  1. Open Internet Options: Open the Internet Explorer browser and navigate to the settings button at the top right corner of the window. From the drop down menu locate and click on Internet Options.
  1. Find Certificates: From the dialog box that appears, click on Certificates. This tab will list all the different certificates associated with the browser.
  1. Personal Tab: In the Certificates tab, you will find different options like Personal, Other People, Intermediate Certification Authorities, among others. From these options click on Personal. This is followed by double-clicking on the digital certificate you have just installed.

*In case you have different certificates installed with the same name, find the latest version with the expiration date.

  1. Check Valid From: After clicking on the right code signing certificate, a new dialog box will appear. On this, find the heading “Valid From” and check the line underneath.

If it says, “You have a private key that corresponds to this certificate” the certificate is verified and authenticated.

How to Verify Code Signing Certificate in Mozilla Firefox?

  1. Open Options: In Mozilla Firefox, click on the three lines at the top right corner to open the drop down menu. From here, click on Settings.
  1. Find Privacy and Security: In the Options menu, look to the left-hand side and open Privacy & Security. On the page, scroll down until you see the View Certificates option towards the right side of the page. Click on it.
  1. Your Certificates: From the dialog box that appears, click on the “Your Certificates” tab. Find the name of the certificate you want to verify for code signing. Select the certificate and click on “View.”
  1. Check Validity: After clicking on “View” you will find detailed information about the certificate. Check the validity and the expiration date. Plus, keep an eye on the type of encryption the certificate is secured with for better information.

How to Verify Code Signing Certificate in Google Chrome?

  1. Find Settings: To check the code signing certificate verification on Google Chrome, click on the three dots on the top right corner and select Settings.
  1. Select Advanced: Once the page opens, you need to scroll down to find “Advanced” option towards the end of the page.
  1. Select Manage Certificates: In the second fold of the setting page that shows after clicking on Advanced scroll down further to find the option “Manage Certificates.”
  1. Check Personal Tab: From the dialog box that appears, find the Personal tab and select the certificate you want to check. Click on the code singing certificate and click on View.
  1. Check Valid From: Following the same process as in Internet Explorer, from the window that appears after clicking on View, check the Valid From. Under Valid From, if it’s written “You have a private key that corresponds to this certificate” this means that the certificate is verified.

How to Verify Code Signing Certificate in Microsoft Windows?

For those using Microsoft Windows as their main operating system, there’s a way to verify the code signing certificate. Follow the steps below;

  1. Find the file: You need to start with finding the file for which you need to verify the code signing certificate.
  1. Check Properties: Once you have the file, right click on it, and select Properties.
  1. Select Digital Signatures: On the dialog box, you will find different tabs including Security, Details, General, etc. In this, find and click on Digital Signatures.
  2. Check the List: If the file you want to verify the code signing certificate is actually verified, it will appear in the list. If not, it won’t appear here.

How to Verify Code Signing Certificate in Microsoft SDK?

Verification of the code signing certificate in Microsoft SDK must be done with SignTool. It’s a utility tool that you can use to check the verification and other things related to the code signing certificate.

It’s a one step process. Begin by opening the SignTool and run the following command;

SignTool verify MyControl.exe

This code will help you verify the code signing certificate of .exe, .dll, or .ocx files.

How to Verify Code Signing Certificate in Mac OSX?

To check the code signing certificate in Mac OSX, follow these steps;

  1. Launch Terminal: On your Mac OSX device, launch the Terminal to give the command. You can find it under Applications followed by Utilities.
  1. Enter the Command: Next, enter the command starting with codesign. The command will be like this;

code sign -dv –verbose=4 /Path/To/Application.app

After you hit enter, a series of results will appear which shows complete information about the said application. In this, focus on;

  • Hash type
  • Hash
  • Authority entries

If the Authority has listed Apple Root CA then the code signing certificate is verified.

Conclusion on How to Verify Code Signing Certificate Installation

Any type of browser and operating system won’t let its users download and install a software package that does not have a code signing certificate. For every software developer, it is important to get the code signing certificate as it helps them establish trust and a strong foundation for their solution.

For times when you want to verify whether the code signing certificate is authentic and applied correctly, there’s a different method for every type of browser used generally. Check out the guide above to know the step by step process of verifying the authenticity and application of the code signing certificate.

Related posts:

  1. How Does the Code Signing Process Work? – Understand the Code Signing Architecture
  2. Code Sign With Azure DevOps Using a Code Signing Certificate Stored Within Azure Key Vault
  3. Quick Guide to Install a Code Signing Certificate on MS Windows
  4. How Do I Export Code Signing Certificate from Internet Explorer, Chrome, or Firefox on Windows?

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.