In which format do I order the certificate?


Depending on the software in which you develop, you may need one format or another. For example, in Java, to sign .jar files you need to use the jarsigner tool. The easiest way is to use this tool by linking a keystore generated from the keytool. Although it is possible to work with PKCS#12 files with jarsigner, it is recommended to generate a key pair and a CSR from the keytool and attach the CSR in the certificate request form.


However, to sign files (.exe, .dll, .ocx, .cab ....) from the development tools, you may need to use certificates in PVK + SPC format. It is possible to convert a PKCS#12 to PVK+SPC format.

 In any case, you should consult the documentation of the development software you are using, both to sign the files and to select the application format to use.


 What is a code signing certificate?


It is a certificate that guarantees the author identity and the content integrity of a software application. Code Signing certificates are necessary for developers who wish to distribute software over the Internet or any corporate network and wish to ensure the integrity and authorship of that code.


For security reasons, in order to avoid virus and spyware infections, current browsers automatically block any program (ActiveX) contained in a Web page that is not signed with a recognised certificate.

A code signing certificate makes it possible to sign ActiveX, Macros, Java Applets... for secure distribution over any network.