GLOBALTRUST CODESIGNING – secure signature of software

What is GLOBALTRUST CODESIGNING?

More and more operating systems and platforms require software to be signed during installation.

This is to protect users, making it easy for them to determine where software comes from and whether the vendor is trustworthy. GLOBALTRUST offers corresponding certificates at particularly favorable conditions.

Cost of certificate for software signature (buy here):

-Certificate GLOBALTRUST CODESIGNING 1 year / EUR 119,00 + VAT (= 142,80 EUR)
-Certificate GLOBALTRUST CODESIGNING 2 years / EUR 199,00 + VAT(= 238,80 EUR)
-Certificate GLOBALTRUST CODESIGNING 3 years / EUR 299,00 + VAT(= 358,80 EUR)

True hardware and platform independence

The signature procedure meets the necessary EU requirements, the requirements of well-known operating system providers and can be used in any system environment. GLOBALTRUST CODESIGNING certificates can be used in Microsoft applications, MacOS applications, LINUX solutions and other systems.

The use of chip cards and chip card readers is not absolutely necessary, but not excluded.

Investment security through globally valid standards

By using X.509v3, the worldwide recognized standard for certification, respecting the INTERNET RFC standards and the recommendations of ETSI (European Telecommunications Standards Institute), the standardization institute of the EU,
users of GLOBALTRUST CODESIGNING have the security of having an ideal, state-of-the-art signature tool for many years to come.

Including GLOBALTRUST TIMESTAMP support!

Every holder of a GLOBALTRUST CODESIGNING certificate has the opportunity to retrieve 50 qualified time stamps free of charge. These can be used for time-sensitive documents that require proof of creation at a specific point in time (e.g. log files, submission documents, balance sheets, invoices, dunning letters, etc.).

More details here

The GLOBALTRUST CODESIGNING certificate chain

Due to the high flexibility of GLOBALTRUST CODESIGNING, the certificate can be used under any certificate administration. Depending on the product used, the certificate is recognized automatically or the GLOBALTRUST CODESIGNING certificate chain must be installed when using it for the first time (see support information here ).

The certificate chain consists of the GLOBALTRUST CODESIGNING intermediate certificate and the GLOBALTRUST root certificate. The certificate chain can be downloaded here.

The GLOBALTRUST root certificate is valid if the SHA1 fingerprint “342C D9D3 062D A48C 3469 6529 7F08 1EBC 2EF6 8FDC” is displayed when installing.

Signing programs and installation packages under Windows

Microsoft provides the signtool.exe program for signing setup programs and installation packages. Development environments, Visual Studio 2015, provide signature functions directly.

Notes from Microsoft on signing (as of 2016/09/23):
– https://msdn.microsoft.com/de-de/library/che5h906.aspx
– https://msdn.microsoft.com/de-de/library/8s9b9yaz(v=vs.110).aspx
– https://msdn.microsoft.com/de-de/library/ee290833(v=vs.100).aspx

Under Linux, the NSIS tool is provided for creating a Windows installer (http://nsis.sourceforge.net/Main_Page). It allows more configuration options and can therefore represent a suitable alternative in individual cases.

You might be interested in that