![]() ![]() When reissuing code signing certificates, you must install the certificate on a supported hardware token or HSM. Reissuing certificates after June 1, 2023.Hardware tokens and HSM devices must be FIPS 140 Level 2, Common Criteria EAL 4+, or equivalent. To use an HSM, you must comply with the requirements found in Section 13 (Security and Use of Key Sets) in the Digital Certificates by DigiCert – Terms of Use. DigiCert provided hardware token – $120.00 (USD) Like EV code signing, they have three provisioning options. ![]() In other words, choose the hardware to store the private key on. When ordering and renewing a standard code signing certificate, you must select a provisioning method. Ordering and renewing code signing certificates after June 1, 2023.Then you need the password to sign your code with the code signing certificate on the token. For example, you must plug the token into your computer for token-based code signing. To use a token-based code signing certificate, you need access to the token or HSM and the credentials to use the certificate stored on it. Private keys and certificates must be stored and installed on tokens or HSMs (hardware security modules) certified as at least FIPS 140-2 Level 2 or Common Criteria EAL 4+. ![]() This new requirement means Certificate Authorities (CAs) can no longer support browser-based key generation and certificate installation or any other process that includes creating a CSR (Certificate Signing Request) and installing your certificate on a laptop or server.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |