Code Signing certificates

Currently use Comodo (which is set to expire in about 60 days) and have used Sectigo… but since the prices have pretty much doubled since the last time we purchased our certificates I found FastSSL who are also brokers for Sectigo and Comodo… and they offer their own code singing certificates at a substantially lower cost.

Has anyone here used them?

Any issues using them with Windows && PACE?

Cheers,

Rail

3 Likes

You should hold off at least until Build 2024 if you can.

There may soon be a much easier and maybe a little cheaper system put in place to do code signing:

Thanks. I think a quota system will end up being much more expensive for the amount of work I do than a yearly renewal which has no quota and the released signed products are time stamped so don’t expire.

Rail

Yes if you need to sign more than 5000 binaries a month, a code sign cert will probably be cheaper.

released signed products are time stamped so don’t expire

Are you saying any released binaries signed by Azure Code Signing will eventually expire? Do you know how long they last? It certainly would be annoying to have to resign the same binary over and over again.

The only thing related to time I saw in the other thread’s document was this:

Unlike certificates issued from authorities such as Sectigo, DigiCert and others, the certificates issued by ACS are only valid for a short time (e.g. several days) so that certificates cannot be stolen easily.

2 Likes

We used signmycode.com to get a Sectigo EV certificate on a physical dongle last year. I was skeptical about it, wondering how they can provide the same product so much cheaper. The only explanation I could find is that they are able to take advantage of volume discounts somehow. Anyway, after placing the order with signmycode.com and submitting all the relevant information, I got a confirmation email from Sectigo and received the physical dongle.

I guess the process with the site you found would be similar.

2 Likes

Yes, they’re brokers who can discount the licenses… I was really wondering about the cheaper FastSSL “generic” certificate which is much cheaper at $129/year… but I don’t know anyone who’s actually tried it.

Cheers,

Rail

I’ve used Ksoftware without issue. Just another reseller.

I have been using an ev code signing certificate from signmycode because their price structure matches my budget after all I decided to purchase for 3 year

1 Like

I can’t wait for you to make this child-proof, @sudara. :wink:

I just got an email from Sectigo last week saying that they are going to increase their prices on 1st June, and urging me to buy another certificate before their prices go up. My current EV has 6 months left.
Perhaps they are concerned about Azure?
I’d like to look into Azure, if its cheaper, I only have three products to EV sign. Has Build24 happened and Azure signing released? I don’t know much about Azure signing procedure at this stage.

1 Like

Yes, see my article and the active thread.

3 Likes

Just for fun I clicked on all people posting they use signmycode, and they all posted pretty much one message and disappeared…
Sounds bot-ty to me :thinking:

EDIT: thanks mods for cleaning that up :slight_smile:

3 Likes