Starting June 1st, 2023, improved security measures mandate that private keys for standard code signing certificates be exclusively stored on FIPS 140 Level 2, Common Criteria EAL 4+, or equivalent certified hardware. This change aligns with the stringent protection standards of EV code signing certificates. Consequently, Certificate Authorities (CAs) ceased supporting browser-based key generation, CSR creation, and installation processes. Instead, opting for the token+ shipment method when requesting the certificate will prompt the CA to create the CSR. Those preferring HSM installation must refer to the instructions below or the respective provider’s guidelines.
- YubiKey 5 FIPS CSR Generation and Attestation.
- Luna Network Attached HSM v7.x: CSR & Attestation Guide.
Learn more about code signing certificate delivery methods.
Save 10% on SSL Certificates when ordering from SSL Dragon today!
Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10