Open Source Code Signing - code

Are you a programmer or developer and share your software as free to use? Do you share it as open source project?

Secure your software with an Open Source Code Signing certificate, which provides:

Integrity
Elimination of the "Unknown publisher" message
Trust of your software users
Building a Microsoft SmartScreen Filter reputation

An electronic code allows the certificate activation for customers who have their own cryptoCertum cryptographic card and reader.

Code electronic delivery of on-line

Certyfikat Open Source Code Signing

Skip to the end of the images gallery

Skip to the beginning of the images gallery

Details

The Open Source Code Signing certificate is a certificate that allows you to digitally sign software. The certificate is trusted by Microsoft and supports building the Microsoft SmartScreen Filter reputation.

By securing your software with an Open Source Code Signing certificate, you can protect your code from unauthorized modification and provide users with the security of the downloaded application.

By signing your code with an Open Source Code Signing certificate, people who download and install your software:

Wil not see “unknown publisher” warnings;
Will be sure that the software comes from a trusted source;
Will be guaranteed that the downloaded program hasn't been modified after its release;
Will be less likely to see the Microsoft SmartScreen Filter screen, which you eliminate by signing the software.

Read about the certificate issuance and usage information, available on the next product description tabs.

Use and benefits

Benefits of the Open Source Code Signing certificate:

Protect your good name and reputation;
Gain the trust of users;
Provide reliable identification of the origin of the software;
Receive a guarantee of the integrity of your applications;
Make the installation of your software easier and ensure that it meets the requirements of the platforms on which it is installed;
Add a timestamp, so that after the certificate expires, your application can still be installed without warnings about the lack of a signature.

Compatibility:

Trusted by Microsoft, also for building the reputation of Microsoft SmartScreen Filter;
Trusted in Java;
Supports signing using tools installed in Linux/Unix and macOS systems;
Supports signing a number of file extensions, depending on the tool used, including: .exe, .msi, .dll, .jar, .war, etc..

Technical requirements

Requirements:

proCertum CardManager application;
Cryptographic card reader;
Cryptographic card reader drivers;
Cryptographic card cryptoCertum 3.5 or cryptoCertum 3.6;
Initialized common card profile.

Specification:

Data in the certificate: natural person data prefixed with “Open Source Developer” phrase;
Compliant with the X.509 v.3 (RFC5280) standard;
Signed with RSA SHA-2;
Minimum length of cryptographic keys: RSA 3072 bit;
Key storage: CC EAL6+;
Issued in accordance with the international WebTrustSM/TM standard and CA/Browser Forum.

Note: Please be advised that in case of returning the Open Source Code Signing set, it is not possible to return the cryptographic card and refund for it.

Verification