Comodo Code Signing

When you configure your Comodo Code Signing SSL Certificate, it is best to use some specific browsers for that. Here is an article that describes which browsers are best to use for configuring a Comodo Code Signing Certificate.

code-signing2When you configure your Comodo Code Signing Certificate, make sure that “Advanced Private Key Options” is visible to you in the same way it is shown in the screenshot from the right. Internet Explorer is always a good option to configure your Comodo Code Signing Certificate.

code-signingWhen you configure your Comodo Code Signing Certificate as an individual, you need to enter your first and last name in the “Company Name” field. This will tell Comodo that you are requesting a Code Signing Certificate for an individual instead of a company.

Comodo Code Signing Certificates can be configured for a Business or for an Individual. If you configured your certificate as an individual, then you can go directly to the middle of this article, to the section called “Validation for Individuals”, where you will find detailed information about how to pass the validation as an individual. If you configured your certificate as company, then please continue reading.

Business Validation

As a part of the Business Validation process, you need to provide information about your company and your company’s phone number. There are three ways to do that. You don’t have to do all three. Doing just one of them will allow you to pass the Business Validation.

1.1) The first way is to provide your DUNS number to Comodo. You can get your company’s DUNS number from this website: https://www.dandb.com/. If Comodo gets back to you and says that your DUNS listing does not contain a phone number, then you need to contact Dun & Bradstreet (at https://www.dandb.com/) and ask them to add your company’s phone number to their “business directory and on the report”.

1.2) If you don’t have a DUNS number, then the other thing which you can do is to provide your company’s Articles of Incorporation, or Government Issued Business License, or your local organization number. Please make sure that the documents that you provide have your company’s registration number so that Comodo can check your company with your country’s governmental directories (e.g.: Corporation Division, Companies House, Department of State, etc). Please note that Comodo will be looking to see your company’s phone number listed there as well. Not all governmental directories have the companies phone numbers. If the governmental directory allows you to call them, email them, or use their website to add your phone number, then please go ahead and do that. 

1.3) If the above two options (1.1 and 1.2) don’t work for you, then the third and last option to validate your company and your phone number is to ask a CPA (Certified Public Accountant), or a Latin Notary, or an Attorney (Lawyer) to write, sign and send a letter to Comodo where they confirm your company name, address and phone number. You can find the sample letters here:
– Sample Accountant Letter
– Sample Form Legal Opinion Letter

partner-order-id2) You need to send all this information to Comodo Validation Department at [email protected]. Also, please include your Comodo Order ID in the subject and in the body of the message that you send to Comodo, so that they know which order you are writing them about. You can find your Comodo Order ID on your SSL Certificate’s details page inside your SSL Dragon account. See the screenshot on the right.

If you don’t see your Comodo Order ID, then please open a ticket with us, or email us and let us know the name of the company or the name of the individual that you included in the SSL configuration form, so that we could provide you your Comodo Order ID.

 

Validation for Individuals

There are a few things that you need to do to pass the Individual Validation for your Comodo Code Signing Certificate.

1) The first thing that you need to do is to provide your individual DUNS number to Comodo. You can get your individual DUNS number from this website: https://www.dandb.com/. Make sure that your DUNS listing contains your full name, address and phone number. If it doesn’t, then you need to contact Dun & Bradstreet (at https://www.dandb.com/) and ask them to “add your full name, address and mobile phone number to their business directory and on the report”.

Duns and Bradstreet is an international company and they have a database with individuals and companies from all countries (USA, Canada, United Kingdom, Australia, New Zealand, South Africa, Germany, Israel, etc). So, they work with international customers, too.

2) You need to provide the following documents to Comodo:

a) Government issued photo ID (driver’s license or passport);
b) One financial institution document (a bank statement or credit card statement less than six months old);
c) One non-financial document (gas bill, water bill, power bill).

3) You need to get attested by a legal authority by filling out the face-to-face verification form. You can download the form at this link. The face-to-face verification letter should be signed by a Notary, Latin Notary, registered Attorney, Certified Public Accountant (CPA), or a Justice Of The Peace. The legal authority should have accreditation and a license number that is available online.

If you decide to go with a Legal Attorney, he or she must be registered with the BAR, and the BAR should have the Attorney’s full name and license number. You can find an attorney in your country by looking into these worldwide legal directories: http://www.hg.org/legal.html

partner-order-id4) You need to send all this information to Comodo Validation Department at [email protected]. Also, please include your Comodo Order ID in the subject and in the body of the message that you send to Comodo, so that they know which order you are writing them about. You can find your Comodo Order ID on your SSL Certificate’s details page inside your SSL Dragon account. See the screenshot on the right.

If you don’t see your Comodo Order ID, then please open a ticket with us, or email us and let us know the name of the company or the name of the individual that you included in the SSL configuration form, so that we could provide you your Comodo Order ID.

Here are the steps that you need to do in order to reissue your Comodo Code Signing Certificate:

1) Login at https://www.comodo.com/login using the username and password that you used when you configured your Comodo Code Signing Certificate initially;
2) Once you are logged in, find the “Replace” button and click on it;
3) You will start the reissue process for your Comodo Code Signing SSL.
4) Follow the steps and instructions that come next, until you complete the Comodo Code Signing Certificate reissue.

code-signing3The Private Key was generated on your machine when you configured your Comodo Code Signing Certificate initially. The screenshot from the right shows the page where you configured your Comodo Code Signing Certificate initially. As you can see in the screenshot, you were given instructions on how to check and backup your Private Key.

If you lost your Private Key, then you have to reissue your Comodo Code Signing Certificate. You can do that by following the next steps:

1) Login at https://www.comodo.com/login using the username and password that you used when you configured your Comodo Code Signing Certificate initially;
2) Once you are logged in, find the “Replace” button and click on it;
3) You will start the reissue process for your Comodo Code Signing SSL.
4) Follow the steps and instructions that come next, until you complete the Comodo Code Signing Certificate reissue.

When you configure or re-configure your Comodo Code Signing SSL Certificate, it is best to use some specific browsers for that. Here is an article that describes which browsers are best to use for configuring a Comodo Code Signing Certificate.

Some Certificate Authorities (especially Comodo and Symantec) may ask you to update or add your phone number to your company’s DUNS listing, as a part of your Business or Extended Validation process.

After you have contacted Dun & Bradstreet and added your phone number to your company’s DUNS listing, it may take between 5 and 40 days for Dun & Bradstreet to make your DUNS listing update available to the public. When you talk to Dun & Bradstreet over the phone, they may tell you that they added or updated your phone number. However, they only initiated process. Your phone number will appear on the Dun & Bradstreet website (https://www.dandb.com/) in about 5 to 40 days after that.

You will know that your DUNS listing has been truly updated, only when you get an email message from Dun & Bradstreet saying that your DUNS profile has been updated successfully. Your phone number will start appearing on your DUNS listing only after you get this email from them. Also, Certificates Authorities (such as Comodo and Symantec) can verify your phone number based on your DUNS listing only when your phone number is publicly available. That’s why, you or we should contact the Certificate Authority requesting them to check your DUNS listing only after you get that confirmation by email.

In the past, we asked the Validation Department representatives from Comodo and Symantec to contact Dun & Bradstreet directly, and check our customer’s phone number with Dun & Bradstreet. We did that after our customers told us that they added or updated their phone number on their DUNS listing. Each time, Comodo and Symantec were told by the Dun & Bradstreet representatives that our customers’ DUNS listing update is “in progress” and “has not been completed yet”, and were advised to get back to Dun & Bradstreet when the customers receive an email message from Dun & Bradstreet which confirms them that their DUNS listing was updated.

If 5-40 days is too much to wait, we recommend you to go with other methods of validating your company and phone number, such as providing a legal letter written by a notary, an attorney, or a certified public accountant. This method will allow you to pass the Business or Extended Validation within 1-2 days.

The main differences between Comodo EV Code Signing and a regular code signing certificate from Comodo are the following two major features:

Extended Validation – offers the highest level of trust since Comodo verifies the publisher’s authenticity rigorously

Two-factor authentication – the main requirement to store the private key on an external hardware token (provided by mail by Comodo) in order to avoid any unauthorized access or malicious usage. Since the private key is stored only on this token, this feature drastically reduces the number of people who can access it, therefore protecting the key from being compromised.