Your Simple Guide to Collect EV Code Signing
4 EASY STEPS TO COLLECTION
can get on your way with signing your application!
Please Note: This guide is very text heavy as the process is quite different. Please read the entire guide verbatim to prevent any confusion.
How to Collect my EV Code Signing
The EV Code Signing collection process is a lot different than the standard Code Signing process, but that’s because of the elevated security practices being used. Not to worry however, as we’ll guide you through the process of collecting the EV Code Signing so you can get on your way with signing your application!
Please Note: This guide is very text heavy as the process is quite different. Please read the entire guide verbatim to prevent any confusion or headaches along the way.
After completing the enrollment process for your Extended Validation (EV) Code Signing certificate the Certificate Authority will begin the vetting process. This vetting process is not that much different than the regular Extended Validation SSL process, so if you need a refresher please check our other Knowledge Base article on this.
Upon successful validation of the EV process, the Certificate Authority will mail your EV Code Signing certificate and private key to the address used during the enrollment process. Yes, the EV Code Signing certificate is physically mailed to you using a mail carrier such as FedEx or UPS. This is because of the security requirements that dictate all EV Code Signing private keys be kept off the device to ensure maximum security.
What’s in the Package?
Depending upon your Certificate Authority, the package might be slightly different but contained inside the package should be the following items.
- USB token – this contains your certificate with its private key
- Letter from the Certificate Authority – This is the letter in the package.
1Installing SafeNet Authentication Client
For this part of the process, it is best to refer to the letter received by the Certificate Authority which will include a URL to access and install the required software: SafeNet Authentication Client. Download and open the appropriate installer for the machine that you wish to use during the signing process.
Follow the installation process and once complete, please perform a reboot to ensure that the SafeNet Authentication client has been successfully installed. After successfully installing the SafeNet Authentication Client software, follow the steps below to use your EV Code Signing.
2Plugging in the USB
Before plugging in the USB key, open the newly installed SafeNet Authentication Client software. Once opened, you are ready to plug in the USB device.
At this point, your SafeNet Authentication Client should detect the USB key and populate your card into the application as seen above.
3Changing the Password
While it is not required, it is recommended that you choose to “Change Token Password,” which will open the interface to change the password for the token. Using the password received from the Certificate Authority, input the existing password and input a new unique password that meets the security requirements of SafeNet.
PLEASE NOTE: If you have a DigiCert brand EV Code Signing Certificate, please contact our support team to request your initial token password.
4Collecting the Certificates
To proceed with the collection of the certificate to sign your application, click the “Gear” icon in the upper right-hand corner.
Once clicked the interface will show a sidebar with the tokens currently plugged into your machine. Proceed to click on the drop-downs until you reach your company’s specific certificate as seen in the example below.
At this point, you’re ready to begin signing your application with your Extended Validation Code Signing certificate! Please note the process is a bit different than your typical code signing. If you would like assistance using Sign Tool with an Extended Validation Code Signing, please refer to our other knowledge base article here.