Digital Signing for Application and Software Developers - In-Depth Guide and Resources
A digital signature guarantees the authenticity of an electronic document or message. In the software industry, code signing provides an added layer of security and trust that you're using a code that comes from an original vendor and not a third-party that could have maliciously altered the code.
Code signing lets you know that the application hasn’t been tampered with since it was signed, and it’s safe to install and run on your machine.
What is a Code Signing Certificate
Find out what a code signing certificate is, about the role of a code signing certificate, the options you have when signing your software, and the problems you might encounter.
https://www.advancedinstaller.com/what-is-code-signing-certificate.html
Code signing certificates and timestamp
When a digital signature is applied, using a timestamp is highly recommended. Timestamping ensures that a digital signature is still recognized as valid even after the digital certificate expires. Read our article to better understand what a digital signature timestamp is and why it is very important in application electronic signing.
https://www.advancedinstaller.com/digital-signature-timestamp.html
Where can you get your code signing certificate from?
“Where can I purchase a certificate?” “What third party do you recommend?” To answer such questions, we put together a list of Digital Certificate providers that is far from comprehensive (and take notice that we don’t make any specific recommendations).
https://www.advancedinstaller.com/where-can-i-buy-code-signing-certificate.html
Trusted Signing and other cloud signing services
Advanced Installer is the first application packaging tool in the industry that provides built-in support for Trusted Signing. Learn how we integrated Azure Trusted Signing in all commercial editions, helping software publishers improve the cybersecurity of their end-users.
https://www.advancedinstaller.com/trusted-signing-integration.html
What are the User Account Control & SmartScreen Filter?
Learn what the User Account Control (UAC) alert center is and how to handle the “Do you want to allow this app from an unknown publisher to make changes to your device” alert message.
https://www.advancedinstaller.com/allow-app-from-unknown-publisher-make-changes.html
EV Code Signing vs Regular Code Signing
An extended discussion about the EV Code Signing Certificate (EV stands for Extended Validation), a more advanced method to code sign your certificates, and how it is different from a regular code signing technique, and what pricing you can expect for purchasing such a certificate.
https://www.advancedinstaller.com/ev-code-signing-vs-regular-code-signing.html
What is a PFX Certificate and how to generate it?
In this article, we discuss what a PFX Certificate is, how to create one through different ways, and how to create a .pfx file from exporting a self-created certificate and its password. Let’s dive in!
https://www.advancedinstaller.com/what-is-pfx-certificate.html
Signing your code with a Microsoft SignTool certificate
Our guide takes you through the process of using SignTool, Microsoft's tool for creating your own self-signed certificate, needed to secure and authenticate a Windows application.
https://www.advancedinstaller.com/code-signing-with-signtool.html
MSIX Digital Signing
In our dedicated article, we showcase the two main methods to digitally sign an MSIX package, plus one additional method used for internal company apps.
https://www.advancedinstaller.com/msix-digital-signing.html
Furthermore, we gather all our resources on code signing an MSIX installer:
How To’s
Check out our list of articles on how to perform different types of code-signing tasks and cover various scenarios needed when signing your application.
- How to automatically code sign the MSI with GitHub Actions
- How to use the USB eToken for Extended Validation Code Signing in Advanced Installer
- Configure a Digital Certificate in a Jenkins Build Step
- How to configure digital signing in Advanced Installer Azure DevOps Task
- How to Configure Azure Key Vault Digital Signature in TeamCity Pipeline
- How to digitally sign an MSI installer using PowerShell command line
Frequently Asked Questions about Digital Signature
We gathered a list of the most frequently asked questions regarding software digital signature and certificates.
https://www.advancedinstaller.com/user-guide/faq-digital-signature.html
Written by
Horatiu Vladasel
Horatiu is a Software Packager/Sequencer with over 10 years experience, who has worked as a Software Packager at IBM and is currently offering software packaging services to companies such as BT or Nationwide.