Code Signing Changes


Sectigo muestra el siguiente mensaje al entrar en SCM:

Code Signing Changes

Sectigo has now activated the changes required by CA/B forum for public code signing within Sectigo Certificate Manager. These changes require all Certificate Authorities to guarantee that the Subscriber's Private Key is generated, stored, and utilized in FIPS-compliant hardware, significantly enhancing security and minimizing the risk of compromise.

Existing public code signing certificate templates have been switched to offer a code signing certificate on a token shipped securely from Sectigo. The cost for the Sectigo token is $65 USD/£51.5 GBP/€58.72 EUR and expediated shipping is $90 USD/£71.92 GBP/€82.42 EUR.

Customers wishing to use their own hardware devices can contact Sectigo support to have a certificate template provisioned that allows key attestation based enrollment. Sectigo currently supports Thales/Safenet Luna/netHSM devices (for RSA keys only) and Yubico FIPS Yubikeys (for ECC keys only) for key attestation.

If you have already ordered a code signing certificate that has not been issued the order will be abandoned. We apologize any inconvenience this may have caused.

Additional details are available in our Knowledge Base. If you require more information please contact support.