Starting June 1, 2023, industry standards mandate storing code signing certificate private keys on FIPS 140 Level 2, Common Criteria EAL 4+ certified hardware. This change enhances security, aligning with EV code signing standards. Certificate Authorities can no longer support browser-based key generation or laptop/server installations. Private keys must be on FIPS 140-2 Level 2 or Common Criteria EAL 4+ certified tokens/HSMs. To sign the code, access the token/HSM and use stored certificate credentials.
In line with the new guidelines, your private key should be on the token shipped by the CA or on your Hardware Security Module.
Save 10% on SSL Certificates when ordering today!
Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10
