Ordering And Retrieving Code Signing and EV Code Signing Certificates

This how-to will walk you through the process of buying Code Signing and EV Code Signing certificates from SSL.com.

Here, we’ll cover ordering certificates via the SSL.com website. Windows users can also order code signing certificates with our SSL Manager application, and even order and install EV code signing certificates on YubiKey FIPS tokens. YubiKey FIPS owners using macOS and Linux can install EV code signing certificates on their key by following these instructions.

1. 1. Navigate to the Code Signing Certificate product page on SSL.com’s website. If you wish to purchase an Extended Validation (EV) certificate, navigate to the EV Code Signing Certificate product page.
      
   2. Click the Buy Now! button.
      
   3. Choose the duration of the certificate and the number of YubiKey FIPS tokens you wish to purchase, then click Add To Cart. Note that even though the maximum lifespan of any Code Signing certificate is 39 months, SSL.com customers can save money by ordering bundles of up to ten years for Code Signing certificates or three years for EV Code Signing certificates. For Code Signing orders exceeding three years, we issue free replacement certificates upon expiration and re-validation throughout the duration of the certificate order.
      
   4. When the shopping cart page opens, check that your order is correct. If you want to purchase more than one of the certificates you selected, you can change the quantity via the drop-down menu in the Quantity column, or save your cart for later and continue shopping by clicking Shop More. When your order is correct and you are ready to check out, click Checkout.
      
   5. If you are not already logged into your SSL.com account or do not have an account yet, you will be prompted to log in or create a new account at the Checkout screen. If you have an account, select I do and I want to log in now, enter your username and password, then click Next >>.
      
   6. If you do not have an SSL.com account, select I do NOT but I want to create one, fill in the requested information (username, email address, password, and billing information), then click Next >>.
      
   7. If your account contains existing funds, they will be applied to your purchase. If your account does not contain sufficient funds, you will be prompted to add more. Click Next >> when your account has sufficient funds to complete the transaction.
      
   8. If your order has been successfully placed, you will see a green bar near the top of the browser window, reading “Order successfully placed. Click here to finish processing your ssl.com certificates.” Click the link.
      
   9. On the screen that opens, find your certificate order, then click the provide info link, located in the Action column.
      
   10. Enter the requested registrant information, then click Next >>. Note that you can enter your company’s Dun & Bradstreet number (also known as a D-U-N-S or Duns number) here to expedite validation. (Please make sure that your company information in Dun & Bradstreet is correct and up-to-date before using this option.)
       
   11. On the next screen, click + Create Contact and then fill in the on-screen form and click Create to add a contact to the order. You must create at least one contact for the certificate, but you can also add more if desired.
       
       
   12. When you are finished adding contacts, click Next >>.
       
   13. On the next screen, upload up to five documents we can use to validate the identity of the entity that the code signing certificate will be issued to.
       The required validation information is determined by the type of applicant and the type of certificate being ordered:
       • The required documents for SSL.com’s code signing certificates vary depending on whether the certificate is to be issued to an individual person or a business or other organization.
       • EV code signing certificates have a different set of required documentation, and may only be issued to registered businesses or other organizations, not to individuals.

       Use the clickable tabs below to view a document checklist that applies to your order:
       

       Code Signing: IndividualCode Signing: OrganizationEV Code Signing

       To validate an individual person’s identity, please provide the following:

       • A scan of the front of a valid, government-issued photo ID card or passport ID page. The ID number may be obscured, but we must be able to see your name, address, year of birth, and photograph.
       • A scan of the back of the government-issued ID card or passport ID page.
       • A photograph of of yourself holding the government-issued ID next to your face so that your face may be compared with the image on the ID. The photograph should be at least 5 megapixels (MP) – most current smartphones can provide an image of 5MP or greater.

       To validate the identity of a business or other organization, please provide the following:

       • A link to a Reliable Data Source including the organization’s name, address, and telephone number. Acceptable examples include:
         • A link to a government agency in the jurisdiction of the Applicant’s legal creation, existence, or recognition.
           • For example, a company doing business in Alaska but incorporated in Nevada would need to appear in a search of Nevada businesses.
         • A link verifying your information in a third party database that is periodically updated and considered a Reliable Data Source. Examples include:
           • Dun & Bradstreet (Note: If your company has a Dun & Bradstreet number [also known as a D-U-N-S or Duns number], you can enter it along with your other company information when ordering, as mentioned above.)
           • Hoovers
           • Better Business Bureau
           • Companies House (for UK businesses)

       Click to view more Reliable Data Sources

       • Bloomberg Finance L.P.
       • Bronnoysundregistrene
       • Bulgaria Department of Justice Registry Agency
       • California Secretary of State
       • Colorado Department of Regulatory Agencies, Division of Professions and Occupations
       • Colorado Secretary of State
       • Delaware Division of Corporations
       • Denmark Central Business Register
       • Finnish Business Information System BIS (YTJ)
       • Florida Department of State Division of Corporations
       • Georgia Secretary of State
       • HF Data Datenverarbeitungsges.m.b.H.
       • Italian Chambers of Commerce
       • Kompass Schweiz AG
       • Mauritius Bar Association
       • Media Zone Authority – Abu Dhabi
       • Michigan Department of Licensing and Regulatory Affairs
       • Ministerstvo Spravedlnosti Czech Republic
       • Ministry of Justice Israeli Corporations Authority
       • Nevada SOS (Silverflume)
       • Proff the Business Finder
       • Registre du Commerce of the Canton of Vaud
       • Swedish Companies Registration Office (Bolagsverket)
       • Turkish Trade Registry Gazette
       • Washington Secretary of State
       • Zoom Information Inc.

       • If the business or organization is less than three years old, a scan of the certificate requestor’s government-issued ID is also required.

       In most cases, businesses and organizations will not need to upload documents to their order, but can simply provide a URL to SSL.com support staff. You can submit your link via an email to Support@SSL.com, or by using the chat link in the lower right corner of the SSL.com website.

       In some cases, SSL.com may request additional supporting documents before issuing a certificate. You can return to the document upload screen at any time by locating your order on the Orders tab of your user account and clicking the upload documents link.

       

       
       To validate the identity of a business or other organization, for EV code signing, please provide the following:

       • A signed copy of the EV Subscriber Agreement
       • A signed copy of the EV Authorization Form
       • One of the following items:
         • Articles of Incorporation or Registration
         • A link to a government website that lists your organization
       • One or more of the following items that may be used to verify your organization’s name, physical address, and phone number:
         • Your company’s Dun & Bradstreet number (also known as a D-U-N-S or Duns number). Using a D-U-N-S number helps SSL.com expedite validation and certificate issuance. Please make sure that your company information in Dun & Bradstreet is correct and up-to-date before using this option. As mentioned above, you can enter your D-U-N-S number along with your Applicant Information when ordering:
           
         • A business profile from another Qualified Information Source, such as ZoomInfo, Crunchbase, or OpenCorporates.
         • An attestation letter from a licensed professional (attorney, accountant, or civil-law/Latin notary):
           • Sample legal opinion letter
           • Sample letter from a Certified Public Accountant
           • Sample letter verifying a government organization

       In some cases, SSL.com may request additional supporting documents before issuing a certificate. You can return to the document upload screen at any time by locating your order on the Orders tab of your user account and clicking the upload documents link.

       

       
       When you are finished adding files, click Submit.

   14. When you have submitted your documents, your new certificate will have a status of pending validation until we verify the information you’ve submitted, including your telephone number. You can keep track of your order’s progress with the Validation Process checklist.
   15. As SSL.com staff completes validation steps for your order, the Validation Process checklist will be updated.
   16. If you ordered an EV code signing certificate, the Validation Process checklist will show more steps than for standard OV/IV code signing certificates.
       
   17. Please note that EV Code Signing customers can now pay an extra $500 to get their order validated and shipped overnight within 24 hours from the time that their validation documents are submitted.
   18. The remaining steps of this how-to covering callbacks and certificate generation apply only to standard OV/IV code signing certificates. Validation of EV code signing certificates requires manual callbacks from SSL.com, and your certificate will be shipped to you on a YubiKey FIPS USB token after validation. EV code signing customers should check out our FAQ, Getting Started With Your EV Code Signing Certificate.
   19. Once your telephone number has been verified, the perform callback link will be made available to you. To find it, navigate to the documents page of your order.
       
   20. Next, click the Perform Callback link, located at the lower left of the page.
       
   21. A dialog box will appear. Enter one or more email addresses to send the callback link to, and then click the Send button.
       
   22. A green alert message will appear, verifying that the callback links have been sent.
       
   23. When your callback email arrives, click the link in it.
       
   24. After clicking the link, a callback verification form will open in your web browser. To initiate a call to your verified phone number from our automated system immediately, just click the Call Now button. You can choose between a voice call and SMS text by using the radio buttons at the bottom of the form. Finally, by using the Callback Types drop-down menu, you can choose to schedule an automated call at a later time via the Scheduled Callback option, or schedule a direct call from a member of our staff by choosing Manual Callback. If you choose one of these options, form elements for scheduling the call will appear dynamically. (For more information on these options, please refer to our how-to on Callbacks for OV Certificates.)
       
   25. After clicking Call Now, a form for verification code entry will appear. When you receive your call it will include the code. Enter the four-digit code and then click the Verify Phone button.
       
   26. If everything has gone correctly, an alert message will appear in your browser confirming that callback verification is complete.
       
   27. After a successful callback, SSL.com will send you a Certificate Activation Link email message. Follow the link included in it, which will take you to the certificate generation page. Alternately, you can click the generate certificate link in the Action column of the Orders tab in your SSL.com account.
       
   28. Click the Generate Certificate button.
       
   29. Your certificate is ready! You can copy and paste your certificate and private key from the on-screen fields, or generate a PFX file by creating a password and clicking download. Your password must be at least 6 characters. Remember this password, because you will need it when installing the certificate on your computer. It is also essential that you keep your private key in a secure location and do not lose it.
       
       

Video: Validation Requirements for OV, IV, and EV Certificates