Web Analytics

HSM Attestation for EV Code Signing and PDF Document Signing

HSM Attestation for EV Code Signing and PDF Document Signing

To order EV code signing and PDF document signing certificates from SSL.com, your private keys must be generated and stored in a FIPS 140-2 Level 2 (or higher) certified device, such as a secure USB token or hardware security module (HSM).

For this reason, SSL.com ships EV code signing and Business Identity document signing certificates to customers on YubiKey FIPS USB tokens. For any other HSM hardware or service (including customer-owned YubiKeys), we require proof that your private key was generated on the device before issuing any certificates. This process is known as attestation.

SSL.com currently offers automated attestation for YubiKey FIPS tokens, and has attestation procedures in place for AWS CloudHSM, Azure Dedicated HSM, and Google Cloud HSM. At the present time, we do not offer document signing and EV code signing certificates for installation on other HSM cloud services or hardware. 

SSL.com is currently developing and testing attestation procedures for a wide range of HSM platforms. If you are interested in ordering EV code signing or PDF document signing certificates from SSL.com for installation on an HSM that we do not currently support, and want to stay updated on platforms that SSL.com supports, please fill out and submit the form below.

HSM Inquiry Form

Thank you for choosing SSL.com! If you have any additional questions, please call us at 1-800-SSL-SECURE, email Support@SSL.com, or just click the chat link at the bottom right of this page at any time to reach our 24/7 support team.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.