Code Signing Certificate

Code Signing

Codes require trust, so there are no free code signing certificates. I’ve tried to send the application package to peers for evaluations through Google drive and Facebook messenger. They did a good job, and it means my codes go nowhere. Individual or organizational developers have to pay for them because of costs incurred during the validation process.

Certificate Market

The certificate market is like a maze. I Googled and found the following code signing certificates retailers provide useful information:

  1. COMODO SSL Store
  2. Cheap SSL
  3. SSL Shopper

I chose Sectigo from the COMODO SSL Store, a retailer of its former parent company, Comodo. However, the registration services are provisioned by the CertPanel for COMODO SSL Store. Sectigo is the certificate authority (CA); CertPanel is the registration authority (RA); COMODO SSL Store is the retailer. It isn’t straightforward!

That is, I placed my order of code signing certificate on the COMODO SSL Store, then submitted my certificate signing request (CSR) and government-issued ID on the CertPanel. Finally, Sectigo will validate my identity in three days by email notification and phone calls.

Bad User Experience, but Good Customer Support

The user experience of CertPanel is not so good. I have to call customer support to finish the registration process. Their website is cumbersome, buggy, and poor notification on error. An address requires no special symbol such as comma, period, dash, etc. Web cache is not well implemented, so that any mistake will turn the sunny scenario into rainy days. I don’t even know a 3072-bit RSA key works, but a 2048-bit one won’t. The filename of uploads requires even no space. It goes beyond my imagination. Luckily, they did provide excellent customer service. I appreciate it.

Registration and Validation

After generating a certificate signing request and finishing registration, it takes one to three days for Sectigo to complete the validation process under normal circumstances.

References

Leave a Reply