FAQs - Code Signing | Actalis Guides

The software signed with timestamping will continue to be valid. Without timestamping, the signatures will no longer be recognized.

Since February 2024, Microsoft neither accepts nor recognizes EV Code Signing certificates. Furthermore, the CCADB (Common CA Database) does not accept compliance audits related to EV Code Signing.

Therefore, both EV and non-EV Code Signing certificates now have the same value for Microsoft.

Yes, you can provide a mobile phone number when you buy a certificate.

The password for your Code Signing certificate does not expire and is valid until the certificate expires.

Currently, Code Signing does not support signing manifest files generated by Visual Studio (and other IDEs). If your application requires this type of signature, integrate a p12 or another similar store directly into the IDE at the end of the build phase.

You do not have to store the private key on secure devices, but we strongly recommend that you do.

Yes, the signature you obtain from Actalis Code Signer complies with that of SignTool. Read the guide to download Actalis Code Signer.

Visit the website to read the best practices for Code Signing.

No, ActalisCodeSigner does not current support the signing of manifest files generated using Visual Studio or other IDEs.

The remote Code Signing account is created with an expired initial password.

The first time you sign in, the system prompts you to set a new password. Follow the wizard to change it. Without updating the password, the account cannot be used for signing.

Yes, you can include a specific Business Unit in the Code Signing Certificate. You will find the Business Unit among the fields for remote user access.

In the standard provisioning flow for Code Signing Certificates, the Business Unit is not supported.

This message may have been sent to you during the Code Signing Certificate activation process. Check that the Certificate you have been sent is a Code Signing Certificate.

For further details, open a support request.

One of our validation specialists will contact you during the validation process, so you won’t have to repeat the whole procedure.

If the executable is signed regularly without parameters but the procedure crashes using -pm or -pr, it could be that the parameters are not configured correctly.

Check that the values of -pm and -pr are correct and respect the required syntax.

Read the manual and check that these parameters are present: you can only find them among the signature attributes, in the advanced properties of the signed file.

FAQs - Code Signing

What happens when a Code Signing certificate expires?

What has changed for EV Code Signing certificates since February 2024?

Can I buy a Code Signing certificate providing a mobile phone number instead of a company landline?

How frequently does my certificate password expire?

Does a Code Signing certificate allow you to sign manifest files?

Do I need to keep the private key in encrypted hardware devices?

If I use Actalis Code Signer, is my signature compliant with the one I would have with the Windows standard SignTool?

Where can I find Code Signing certificate best practices?

Does ActalisCodeSigner allow you to sign manifest files?

Why do I need to change the password before signing?

Can a Code Signing Certificate contain a specific company Business Unit?

I have received an email with the message "SSL certificate issued" even though I haven’t purchased an SSL Certificate. What does this mean?

What happens if the Common Name of the Code Signing Certificate is wrong?

How do I use the -pm and -pr parameters to add details when signing an executable?

AdBlock detected