SSL Dragon Single

Sectigo Code Signing SSL

Sectigo Logo
Billed
for
PayPalCredit/Debit Card via StripeBitcoin, Ethereum & Altcoins
A cheaper icon
Want Cheaper?
Buy Multiple Years
Dedicated Support
GLEIF logo representing the Global Legal Entity Identifier Foundation
25 Days Refund

The Sectigo Code Signing Certificate lets software developers and publishers digitally sign their applications, scripts, executables, and drivers. The digital signature attached to your code verifies your identity as the software publisher and confirms the software hasn’t been tampered with since signing. Without it, users see the “Unknown Publisher” warning on Windows and other platforms, which kills downloads and erodes trust in your product.

Issued by Sectigo, the world’s largest commercial Certificate Authority by market share, this software signing certificate meets all current CA/Browser Forum and NIST standards for Windows code signing, Java, macOS, and other major platforms. Formerly sold as the Comodo Code Signing Certificate, it carries the same trusted root certificates following Sectigo’s 2018 rebrand from Comodo CA. Buy it through SSL Dragon at the best price with dedicated support and a 25-day money-back guarantee.

validation icon
Business / Individual Validation
clock icon
Issued in 1-7 business days
mobile icon
Mobile friendly
trust-icon
Unlimited free reissues
Emails & Documents
Verify Identity: Make your software more accessible
LEI code icon
Speed up with LEI: Quick Validation
paperwork icon
Validation methods: DV (EMAIL, DNS, HTTP / HTTPS) and EV (Public databases / Paperwork)
Code Signing
Protects code; Keeps users safe

Sectigo Code Signing Certificate Features

  • Publisher Identity Verification. The Sectigo Code Signing Certificate uses Organization Validation (OV), meaning Sectigo verifies your business identity before issuing the certificate. This validation process confirms your organization’s legal existence and operational status, so end users can see your verified publisher name when they install your software. Sectigo is also one of the few Certificate Authorities that offers an individual code signing certificate through Individual Validation (IV) for independent developers who don’t operate under a registered business. If you’re a solo developer, you can still get a Sectigo code signing certificate tied to your verified personal identity.
  • No More Security Warnings. Once your code is signed, the digital signature replaces the “Unknown Publisher” warning with your actual company or developer name. Users see exactly who published the software and can verify that the code is intact. This has a direct impact on download rates, because most users will abandon an installation the moment a security warning appears.
  • Free Timestamping. The certificate includes free timestamping, which records the exact time your code was signed. This is a practical feature that matters long-term: if you timestamp your digital signature, it remains valid even after the certificate itself expires. You won’t need to re-sign your software unless you change the code. Distributed applications stay trusted indefinitely.
  • Unlimited Signing & Strong Encryption. There are no limits on how many files or applications you can sign with a single Sectigo Code Signing Certificate. One certificate covers your entire catalog for the duration of its validity period. The certificate uses SHA-256 hashing and supports 3072-bit or 4096-bit RSA key lengths, meeting all current industry encryption standards.

Platform Compatibility

The Sectigo Code Signing Certificate is fully compatible with Microsoft Authenticode, making it a trusted Windows code signing certificate for Windows 7, 8, 10, and 11. It also supports Java, Adobe AIR, Mozilla Objects, Microsoft Office VBA, Apple macOS, and Microsoft Silverlight. Note that kernel-mode driver signing for Windows 10 and later requires an EV Code Signing Certificate.

Supported file formats include .exe, .dll, .cab, .ocx, .msi, .jar, .xpi, and .xap in both 32-bit and 64-bit configurations.

Private Key Storage & Delivery

All code signing certificates now require private keys to be stored on hardware that meets FIPS 140-2 Level 2 or Common Criteria EAL 4+ standards. This is an industry-wide requirement set by the CA/Browser Forum, not specific to Sectigo.

By default, Sectigo ships a pre-configured USB hardware token with your certificate and private key already installed. You plug it in when you need to sign code. If you already have a compliant Hardware Security Module (HSM), whether on-premises or cloud-based through services like Google Cloud KMS or Azure Key Vault, you can choose the “Install on Existing HSM” option at checkout and provide key attestation. Key attestation is the process of proving your private key was generated and stored inside approved hardware.

Sectigo OV vs. EV Code Signing

This product page covers the standard Sectigo Code Signing Certificate (OV). Sectigo also offers an EV (Extended Validation) Code Signing Certificate, which involves a more thorough vetting of your organization’s identity and is required for certain use cases.

The main differences to consider: EV validation verifies additional details about your organization’s legal standing, physical address, and operational history. EV code signing is mandatory if you need to sign Windows kernel-mode drivers for Windows 10 and later. Both OV and EV certificates include a hardware token, support the same platforms, and use the same encryption standards.

Regarding Microsoft SmartScreen reputation, both OV and EV signed software build trust with the SmartScreen filter over time as users download and install your applications. EV certificates carry a stronger initial trust signal, but as of 2024, they no longer provide an instant bypass of SmartScreen warnings. Reputation develops organically for both validation levels based on download volume and publisher history.

If your use case calls for the highest validation level or you need kernel-mode driver signing, see the Sectigo EV Code Signing Certificate.

Validity, Pricing & Renewal

As of March 2026, the maximum validity for any newly issued code signing certificate is 460 days (approximately 15 months). This is an industry-wide change under CA/Browser Forum Ballot CSC-31, reducing the previous 39-month maximum. Multi-year plans are still available through SSL Dragon, but each certificate within the plan is capped at 459 days and will require annual reissuance.

The Sectigo Code Signing Certificate is an affordable code signing solution from the world’s largest CA. Check the code signing certificate price below and purchase with confidence. Compared to the cost of losing downloads to security warnings, a code signing certificate is a cheap investment. SSL Dragon offers competitive pricing, dedicated support, and a 25-day refund policy.

Sectigo Code Signing Certificate FAQ

Is the Sectigo Code Signing Certificate the same as Comodo Code Signing?

Yes. Sectigo was formerly Comodo CA until the 2018 rebrand. The Sectigo Code Signing Certificate is the same product with the same trust roots, validation process, and platform support. Only the brand name changed. You may also see this product referred to as a Comodo code signing SSL or Sectigo code signing SSL, but these are the same certificate.

What platforms does the Sectigo Code Signing Certificate support?

It supports Microsoft Authenticode (Windows 7 through 11), Java, Adobe AIR, Mozilla Objects, Microsoft Office VBA, Apple macOS, and Microsoft Silverlight. Supported file formats include .exe, .dll, .cab, .ocx, .msi, .jar, .xpi, and .xap.

How is the private key delivered?

By default, Sectigo ships a FIPS 140-2 Level 2 compliant USB hardware token with the certificate and private key pre-installed. If you have your own compliant HSM, you can select the “Install on Existing HSM” option during checkout.

What’s the difference between OV and EV Code Signing?

OV (Organization Validation) confirms your business identity and covers most signing needs. EV (Extended Validation) involves stricter verification and is required for Windows kernel-mode driver signing. Both include a hardware token and support the same platforms.

Can individual developers get a Sectigo Code Signing Certificate?

Yes. Sectigo is one of the few Certificate Authorities that offers an individual code signing certificate through Individual Validation (IV), allowing solo developers without a registered business to obtain a certificate tied to their verified personal identity.

Does timestamping keep my signature valid after the certificate expires?

Yes. When you timestamp your digital signature at the time of signing, it records proof that the code was signed while the certificate was active. The signature remains valid indefinitely, even after the certificate’s expiration date. You only need to re-sign if you modify the code.

What changed about code signing certificate validity in 2026?

The CA/Browser Forum reduced the maximum validity period from 39 months to 460 days (about 15 months) under Ballot CSC-31, effective March 1, 2026. Multi-year subscriptions are still available, but each issued certificate within the plan is limited to 459 days before reissuance is required.

Secure Hash Algorithm

SHA-2

Refund

25 days

Certificate Encryption

Up to 256-bit

Key Encryption

2048 bit

Our Clients & Key Figures

Volvo logo
Netflix logo with a red background, displaying the text Netflix in white.
Koton logo featuring stylized text and a light background.
Dufry logo
Phillips logo
Northrop Grumman Logo
Yale logo
Harvard logo
Oxford Logo
Rockefeller Logo
Goodwill Logo
Sapient Logo
Hawaii Logo
Army Logo
Force Logo
Schneider Logo
Cisco Logo
Cornell Logo

Rated 4.8 out of 5 by 1239 customers

avatar-male-5
Christopher Broderick
June 15, 2022, , united kingdom

Great selection of certificates with a clear definition of properties for each certificate makes it easy to choose the right one.

avatar-male-3
Munro James
October 31, 2020, Victoria, AU

Easier and cheaper than going directly and ordering via the vendor, thank you for the information and the simple shopping experience.

avatar-female-3
Kelly Mark
October 29, 2020, Dublin, IE

Excellent customer service when I ordered the wrong cert! The support team then helped me get the correct cert and refunded me on the incorrect cert I bought! Very fast and a happy customer.

Real customers ratings and reviews at Shopper Approved. Read them all.