This document provides details regarding the information and processes required to obtain a code signing certificate, as well as the instructions to download the certificate once it is issued.
Criteria to Request a Code Signing certificate
To request a code signing certificate, please make sure your request meets the criteria below.
- Make sure you are submitting the request from a UW-Madison affiliated email address. Requests from non affiliated email addresses will be declined.
- The code signing certificate request can only be submitted for software or applications that are affiliated with UW-Madison.
- The code signing certificate can only be sent to a UW-Madison affiliated email address.
To request a code signing certificate, please send the information below to firstname.lastname@example.org.
- Explanation of why a code signing certificate is needed. A reason to use one in the past may no longer be valid, and no longer requires your time to maintain and renew.
- Brief description of the software or application regarding its intended purposes and who the audience is?
- What domain is the software or application tied to? If the software or application is not tied to a domain, which department or domain is the software or application associated with?
- For domains that do not currently exist in the certificate provider system, they will need to be added to the system and vetted by Domain Control Validation (DCV).
- If your domain does not exist in the system and needs to be added, you will be asked to contact email@example.com to assist you with accomplishing this process.
- What contact email would you like to appear on the code signing certificate (Note: Must be a UW-Madison affiliated address)?
- What is the contact information that UW Digital ID should use incase issues or questions arise? Please provide: Full Name, Email, Phone.
- How long should the code signing certificate be valid for (Max is 3 years)?
Obtaining and Downloading the Code Signing Certificate
Once your request is approved based on the information that you provided above, you will receive an email indicating that you have been enrolled for a code signing certificate. The email contains some instructions that you will follow to obtain your code signing certificate (See Below).
After clicking the validation link, you will be prompted with the following screen where you will generate your private key to be used with your code signing certificate. Please select the key size 4096 or higher if possible, and click the "GENERATE" button.
Once the private key is generated, you will be prompted with the following screen indicating that you have successfully applied for a code signing certificate and will be contacted by email once your certificate is ready.
You will receive the following email indicating that your certificate is ready for download which is accessible by clicking on the specified link.
Clicking the download link will automatically open your default browser and begin downloading your code signing certificate. You will also be prompted with this message containing some important information.
NOTE:In the past, all of the major web browsers supported the Key Generation () function, but as of August 2021, the only known combination is Window 10 using the Latest version of Firefox (92.x).
NOTE: Downloading the certificate can be done in any browser.
Your code signing certificate is now ready for you to use. Unfortunately, Server Certificates does not support the process of installing the certificate, this process is up to the user to complete.
NOTE: In the event that any part of these instructions do not work, please use the information on this KB Doc to contact Sectigo directly to complete your Code Signing Certificate Request: SSL Certificate Support