ComodoSSLstore Loading

How Does EV Code Signing Work?

Extended Validation Code Signing adds a layer of security to the signing process

By now you know that EV Code Signing is the only way to get instant Application Reputation from Microsoft SmartScreen. But how does it work? Let us walk you through the process-from validation to signing.

Extended Validation

You purchase and order your EV Code Signing certificate just like any other code signing certificate, but the validation is a bit more intensive. Not unlike with EV SSL, Comodo is going to put your through a rigorous vetting process to ensure that you are legally registered entity operating in good faith. If that all sounds like a lot-it isn't. And company or organization with up-to-date registration information will cruise through validation.

Friendly Tip: Need help with validation? We've got you covered. Our SSL experts are available 24/7 to help you navigate the validation process.

An Added Layer of Security

All Code Signing certificate private keys are physically mailed to you on an external hardware token, which adds another layer of security to protect against unauthorized access. A compromised private key can be used to sign malicious software, which would crater your reputation across all browsers. By storing your private key on an external hard drive, it prevents anyone from illegally accessing it on your network.

Walk Me Through the Signing Process

How Does EV Code Signing Work

Hashing

After your software is created, you hash it. This hash lets users know whether or not the software has been tampered with. If the download doesn't produce the correct hash value, the browsers know it has been compromised.

Signing

Now it's time to insert your external hardware token and use your private key to digitally sign and timestamp your software. This lets the browsers know who published the software and whether to trust it or not.

Download

After the software is hashed, signed and timestamped, it can be posted for download. Whenever a customer tries to download it, their browser will know who published it, whether to trust it and if it's been tampered with.

Get Trusted by Microsoft SmartScreen

The biggest advantage to Extended Validation Code Signing is that it affords you instant Application Reputation in Microsoft SmartScreen. Read that again: Instant Trust. After undergoing extended validation, Microsoft views you as a reputable, upstanding company. That means more conversions. It means expanding your customer-base by as much as 25% (based on Microsoft's market share). Can you afford to leave that on the table?

Gain Trust Instantly

It's 6AM & your site is down.

How fast can you fix it?

Get rid of website stress with CodeGuard Backup – automatic backups and one-click restore mean you can fix website issues in minutes!

Get Codeguard Backup

They Trust Our Solutions:

Close

ComodoSSLstore.com uses cookies to remember and process the items in your shopping cart as well as to compile aggregate data about site traffic and interactions so that we can continue improving your experience on our site. Learn more about Cookies