Let’s talk about a code signing timestamp. Code signing is a requirement on most platforms nowadays. Whether you’re creating apps for Android and iOS or traditional software on a platform like Microsoft Windows — it needs to be signed by a certificate authority (CA) in order to be trusted. But code signing certificates expire in a set amount of time. Normally, that would render any signature that’s made by that certificate expired along with the certificate itself.
How to Avoid Code Signing Certificate Expired Issues
Code signing certificates expire, your digital signature doesn’t have to
A Code Signing certificate, like an SSL certificate, is only good for a set period of time. Afterwards it expires and can no longer be used. But that creates a potential problem: what happens to all the software you signed before the certificate expired? Are all of those digital signatures expired now too? Not if you timestamped them. Timestamping is a mechanism that ensures your digital signature remains trusted long after your Code Signing certificate has expired.