en English

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

en English

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

Ordering And Retrieving Code Signing and EV Code Signing Certificates

This how-to will walk you through the process of buying Code Signing and EV Code Signing certificates from SSL.com.

Here, we’ll cover ordering certificates via the SSL.com website. Windows users can also order code signing certificates with our SSL Manager application, and even order and install EV code signing certificates on YubiKey FIPS tokens. YubiKey FIPS owners using macOS and Linux can install EV code signing certificates on their key by following these instructions.

Not sure which type of code signing certificate you need? Check out this FAQ.


    1. Navigate to the Code Signing Certificate product page on SSL.com’s website. If you wish to purchase an Extended Validation (EV) certificate, navigate to the EV Code Signing Certificate product page.
      Code Signing Certificates
    2. Click the Buy Now! button.
      Buy Now!
    3. Choose the duration of the certificate and the number of YubiKey FIPS tokens you wish to purchase, then click Add To Cart. Note that even though the maximum lifespan of any Code Signing certificate is 39 months, SSL.com customers can save money by ordering bundles of up to ten years for Code Signing certificates or three years for EV Code Signing certificates. For Code Signing orders exceeding three years, we issue free replacement certificates upon expiration and re-validation throughout the duration of the certificate order.
      select duration and YubiKeys
    4. When the shopping cart page opens, check that your order is correct. If you want to purchase more than one of the certificates you selected, you can change the quantity via the drop-down menu in the Quantity column, or save your cart for later and continue shopping by clicking Shop More. When your order is correct and you are ready to check out, click Checkout.
      shopping cart
    5. If you are not already logged into your SSL.com account or do not have an account yet, you will be prompted to log in or create a new account at the Checkout screen. If you have an account, select I do and I want to log in now, enter your username and password, then click Next >>.
      Enter login credentials
    6. If you do not have an SSL.com account, select I do NOT but I want to create one, fill in the requested information (username, email address, password, and billing information), then click Next >>.
      Create account
    7. If your account contains existing funds, they will be applied to your purchase. If your account does not contain sufficient funds, you will be prompted to add more. Click Next >> when your account has sufficient funds to complete the transaction.
      Apply existing funds
    8. If your order has been successfully placed, you will see a green bar near the top of the browser window, reading “Order successfully placed. Click here to finish processing your ssl.com certificates.” Click the link.
      Order successfully placed
    9. On the screen that opens, find your certificate order, then click the provide info link, located in the Action column.
      provide info
    10. Enter the requested registrant information, then click Next >>. Note that you can enter your company’s Dun & Bradstreet number (also known as a D-U-N-S or Duns number) here to expedite validation. (Please make sure that your company information in Dun & Bradstreet is correct and up-to-date before using this option.)
      Applicant information form
    11. On the next screen, click + Create Contact and then fill in the on-screen form and click Create to add a contact to the order. You must create at least one contact for the certificate, but you can also add more if desired.
      Add contact
      Add contact
    12. When you are finished adding contacts, click Next >>.
      Click Next
    13. On the next screen, upload up to five documents we can use to validate the identity of the entity that the code signing certificate will be issued to.
      Upload filesThe required validation information is determined by the type of applicant and the type of certificate being ordered:
      • The required documents for SSL.com’s code signing certificates vary depending on whether the certificate is to be issued to an individual person or a business or other organization.
      • EV code signing certificates have a different set of required documentation, and may only be issued to registered businesses or other organizations, not to individuals.

      Use the clickable tabs below to view a document checklist that applies to your order:

      Code Signing: IndividualCode Signing: OrganizationEV Code Signing

      To validate an individual person’s identity, please provide the following:

      • A scan of the front of a valid, government-issued photo ID card or passport ID page. The ID number may be obscured, but we must be able to see your name, address, year of birth, and photograph.
      • A scan of the back of the government-issued ID card or passport ID page.
      • A photograph of of yourself holding the government-issued ID next to your face so that your face may be compared with the image on the ID. The photograph should be at least 5 megapixels (MP) – most current smartphones can provide an image of 5MP or greater.

      To validate the identity of a business or other organization, please provide the following:

      • A link to a Reliable Data Source including the organization’s name, address, and telephone number. Acceptable examples include:
        • A link to a government agency in the jurisdiction of the Applicant’s legal creation, existence, or recognition.
        • A link verifying your information in a third party database that is periodically updated and considered a Reliable Data Source. Examples include:
      • If the business or organization is less than three years old, a scan of the certificate requestor’s government-issued ID is also required.

      In most cases, businesses and organizations will not need to upload documents to their order, but can simply provide a URL to SSL.com support staff. You can submit your link via an email to Support@SSL.com, or by using the chat link in the lower right corner of the SSL.com website.

      In some cases, SSL.com may request additional supporting documents before issuing a certificate. You can return to the document upload screen at any time by locating your order on the Orders tab of your user account and clicking the upload documents link.

      upload documents

      To validate the identity of a business or other organization, for EV code signing, please provide the following:

      In some cases, SSL.com may request additional supporting documents before issuing a certificate. You can return to the document upload screen at any time by locating your order on the Orders tab of your user account and clicking the upload documents link.

      upload documents

      When you are finished adding files, click Submit.

    14. When you have submitted your documents, your new certificate will have a status of pending validation until we verify the information you’ve submitted, including your telephone number. You can keep track of your order’s progress with the Validation Process checklist.Pending Validation
    15. As SSL.com staff completes validation steps for your order, the Validation Process checklist will be updated.Validation Process checklist
    16. If you ordered an EV code signing certificate, the Validation Process checklist will show more steps than for standard OV/IV code signing certificates.
      Validation Process checklist for EV code signing
    17. Please note that EV Code Signing customers can now pay an extra $500 to get their order validated and shipped overnight within 24 hours from the time that their validation documents are submitted.
    18. The remaining steps of this how-to covering callbacks and certificate generation apply only to standard OV/IV code signing certificates. Validation of EV code signing certificates requires manual callbacks from SSL.com, and your certificate will be shipped to you on a YubiKey FIPS USB token after validation. EV code signing customers should check out our FAQ, Getting Started With Your EV Code Signing Certificate.
    19. Once your telephone number has been verified, the perform callback link will be made available to you. To find it, navigate to the documents page of your order.
    20. Next, click the Perform Callback link, located at the lower left of the page.
      Perform Callback
    21. A dialog box will appear. Enter one or more email addresses to send the callback link to, and then click the Send button.
      Enter email addresses
    22. A green alert message will appear, verifying that the callback links have been sent.
      Callback link sent successfully
    23. When your callback email arrives, click the link in it.
      Callback link
    24. After clicking the link, a callback verification form will open in your web browser. To initiate a call to your verified phone number from our automated system immediately, just click the Call Now button. You can choose between a voice call and SMS text by using the radio buttons at the bottom of the form. Finally, by using the Callback Types drop-down menu, you can choose to schedule an automated call at a later time via the Scheduled Callback option, or schedule a direct call from a member of our staff by choosing Manual Callback. If you choose one of these options, form elements for scheduling the call will appear dynamically. (For more information on these options, please refer to our how-to on Callbacks for OV Certificates.)
      Callback form
    25. After clicking Call Now, a form for verification code entry will appear. When you receive your call it will include the code. Enter the four-digit code and then click the Verify Phone button.
      Phone verification code
    26. If everything has gone correctly, an alert message will appear in your browser confirming that callback verification is complete.
      Callback verification completed successfully
    27. After a successful callback, SSL.com will send you a Certificate Activation Link email message. Follow the link included in it, which will take you to the certificate generation page. Alternately, you can click the generate certificate link in the Action column of the Orders tab in your SSL.com account.
      Certificate Activation Link
    28. Click the Generate Certificate button.
      Generate certificate
    29. Your certificate is ready! You can copy and paste your certificate and private key from the on-screen fields, or generate a PFX file by creating a password and clicking download. Your password must be at least 6 characters. Remember this password, because you will need it when installing the certificate on your computer. It is also essential that you keep your private key in a secure location and do not lose it.
      Generate certificate
      Download certificate
You can now install your Code Signing certificate on your computer. If you need assistance with any of the above steps with installation and use of your certificate, please contact us at Support@SSL.com, 1-SSL-Certificate (1-775-237-8434) or just use the Live Chat option at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

Starting 2021, SSL.com customers now have the option to subscribe to eSigner, our cloud signing service, which allows you to conveniently add globally trusted digital signatures and timestamps to documents and code from anywhere, with no need for USB tokens, HSMs, or other special hardware. Your certificates and signing keys are securely stored in the cloud and can be accessed via the eSigner Express app or Cloud Signature Consortium (CSC) compliant API.

eSigner is fully compatible with the CSC cloud signing standard. You can seamlessly integrate eSigner with your organization’s document and code signing workflows. Software publishers and service providers can also use eSigner to offer digital signing capabilities to their customers.

eSigner is available to all SSL.com EV Code Signing and Document Signing customers. 

You can enroll in eSigner from the purchased certificate order in your account or visit  this page to get more information about eSigner and which subscription plan best suits your business needs.

Users can sign code with eSigner’s Extended Validation Code Signing capability. Click below for more info.


Video: Validation Requirements for OV, IV, and EV Certificates

Related How Tos

Subscribe to SSL.com’s Newsletter

What is SSL/TLS?

Play Video

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com