76 out of 128 rated this helpful - Rate this topic

Get a VeriSign Code-Signing Certificate for Microsoft Authenticode from Symantec

Applies To: Windows 8

A VeriSign Code-Signing Certificate for Microsoft Authenticode from Symantec provides an extra layer of authentication when creating your company account. Symantec performs a complete check to ensure a malicious third party does not try to misrepresent themselves as your company. Additionally, signing files with a code-signing certificate ensures that only your company is submitting data to Microsoft, and adds a layer of security that goes beyond the traditional user name and password.

noteNote
You may have previously obtained certificates through VeriSign. VeriSign Authentication is now a part of Symantec Corporation.

There are many types of security certificates available, with varying degrees of authentication. Microsoft has chosen Symantec, a company with a proven and trusted track record in issuing codesign certificates. Microsoft has partnered with Symantec to sell, verify, and issue the VeriSign Code-Signing Certificate for Microsoft Authenticode. Through this partnership, Microsoft and Symantec are able to provide the Microsoft Authenticode Certificate for USD 99.

Code Signing creates a digital signature which shows customers the identity of the company responsible for the code and confirms that it has not been tampered with since the signature was applied. In software sales, a buyer can confirm the source of the application and its integrity by examining this digital signature.

Increasingly, customers download software from the Internet, install plug-ins and add-ins, and interact with sophisticated web-based applications. They risk compromising their security and the functionality of existing systems if they download malicious or faulty code. Code signing helps protect a company's brand and intellectual property with a digital signature which makes their applications identifiable and harder to falsify or damage.

A VeriSign Code-Signing Certificate for Microsoft Authenticode is a critical part of securing digital information, and is a requirement for establishing an account on the dashboard.

Prerequisites

Code signing certificates are available by organization (code signing on behalf of a company) or individual (not associated with a company). To obtain a VeriSign Code-Signing Certificate for Microsoft Authenticode, you need the following:

  • For Organizations: An established company with a physical address (P.O. boxes are not allowed)

  • For Individuals: A notarized form validating proof of a government issued photo identification

  • A computer connected to the Internet

    • Windows 7 and Internet Explorer 8 or higher is required when purchasing through the dashboard website and using the Winqual SignTool.exe

    • The same computer and browser must be used to retrieve your certificate

  • A credit card to purchase the certificate

  • SignTool.exe, included in the Windows Driver Kit (WDK) and the Windows Software Development Kit (SDK). For more info, see SignTool.

Starting with Internet Explorer 7, you need to add https://products.verisign.com as a trusted site. Follow these steps:

  1. Open Internet Explorer.

  2. Select Tools > Internet Options.

  3. Select the Security tab.

  4. Select Trusted Sites.

  5. Click Sites.

  6. Add https://products.verisign.com to the trusted sites list.

Purchasing a certificate

To purchase a certificate, follow these steps:

  1. Open Internet Explorer, go to Windows® Hardware Developer Center, and sign in with your Microsoft account.

  2. In the Establish an Account section, click the link for the VeriSign Code-Signing Certificates for Microsoft Authenticode.

    noteNote
    This will navigate your browser away from the Windows® Hardware Developer Center.

  3. Wait for the Code Signing Certificate page to load. To receive the Symantec promotional pricing, complete all of required fields, and then click Continue. The type of code signing certificate (Organization or Individual) to be issued will depend on the option that you select: Corporation or Individual.

  4. A confirmation page is displayed containing your Order Number. You'll receive an email at your Microsoft account email address that was entered on the previous page. This email includes a custom URL for registering and purchasing your promotionally priced code signing certificate.

  5. Click the URL from the email. The Microsoft Authenticode certificate is selected by default and cannot be changed. Click Continue.

  6. All applicable options are selected by default and cannot be changed. Click Continue.

  7. Enter the requested information for generating your Certificate Signing Request (CSR). This information will be replaced by the information you provide later, so don't worry about accuracy. Click Continue.

  8. When loading the next page, you may receive a popup dialog informing you that a site is attempting to perform a certificate operation on your behalf. Click Yes to continue.

  9. If you are applying for an Organizational certificate, provide your Organizational Contact information. This information will be used by Symantec to contact the specified individual to verify the existence of the Organization. When complete, click Continue.

    noteNote
    This screen will not be displayed if you selected a certificate as an Individual developer.

  10. Provide your contact information to purchase the Digital Certificate. When complete, click Continue.

    noteNote
    The required information differs depending on which certificate type you have selected. If this is an Organizational certificate, enter your Organization, Technical, and Billing Contact Information. If this is an Individual certificate, enter your Applicant and Billing Contact information.

  11. Provide payment information to purchase the Digital Certificate. When complete, click Continue.

    noteNote
    This step does not complete the purchase. The next page provides a summary and allows you to confirm your purchase.

  12. Review the Order Summary, Privacy Statement, and Subscriber Statement. When ready, click Submit Order.

  13. A Confirmation page is displayed, and an email is sent confirming your purchase along with the details of your order.

If any additional documents are required to fulfill Symantec's process, you will be notified by email. All Code Signing Certificate orders undergo a strict authentication to confirm the legitimacy of the submitted organization and/or developer. Be sure to save or print a copy of your order number for your records. You can check the status of your order by clicking on the Order Status page link.

Retrieving a certificate

  1. Once your contact information has been verified by Symantec and your certificate purchase approved, you will receive an email notification. The email will include a certificate pickup URL that is used to retrieve your certificate from Symantec. Follow the directions in the mail.

    noteNote
    You must use the same computer and browser to retrieve your certificate.

  2. On the Certificate Pickup page, click Continue.

  3. You will be informed that the web site is attempting to perform a digital certificate operation on your behalf. Click Yes to continue.

  4. The code signing certificate is now installed on your computer.

Help us help you
Answer questions that we’ll use to make the Dev Center better.
Was this page helpful?
Your feedback about this content is important
Let us know what you think.
Additional feedback?
Thank you!
We appreciate your feedback.
© 2013 Microsoft. All rights reserved.