The Essentials Series: Code-Signing Certificates

by Don Jones


Certificates are for more than just Web servers - and code-signing certificates in particular can make your enterprise more secure, make your software more accepted, and even stop malware in its tracks. Learn about the many ways in which code-signing certificates are being used to create more secure, more trustworthy, and more accepted software in a variety of different scenarios. No matter what kind of software developer or consumer you are, you'll learn how code-signing certificates work, how they're issued, how they're used, how they're secured, and even whether or not there's a difference between certificates issued from different authorities.


Article 1: What are Certificates?

Certificates are well-known for their role in encryption, but that's actually a side benefit. Their real purpose is identity, and in this article we'll explore how certificates work, why unsigned code is bad code, and how certificates are managed throughout their lifecycle.

Article 2: How Are Certificates Used?

Code-signing certificates have distinct uses for Web apps, mobile apps, commercial software, in-house software, and even as a software security device. We'll explore these uses and explain exactly how a certificate contributes for more secure, trustworthy software in each scenario.

Article 3: What's the Process for Using a Certificate?

The last article in this series offers step-by-step instructions, including examples for major software development platforms, of obtaining, installing, securing, and using a code-signing certificate. We'll also explore the end-user experience of signed code, from desktop applications to Web browsers.