Your certificate is your signature. It provides your users with trust.
Ensure that only your code is signed with your certificate.


Code signing is used to indicate and verify the publisher of software programs and make sure the software has not been modified after publishing.

Define what will be signed

By specifying your software artifacts, you ensure that only intended code will be signed with your key.

  • Define structure and content of your packages
  • One-stop signing of nested packages: installers, ZIP archives, executables and libraries, extensions and add-ins


Define who can publish new releases

When a new version of an artifact is built, it is submitted to the signing process and approved.

  • Manage users and permissions
  • Define who can submit a release
  • Define who must approve a release before signing
  • Full auditing of activities and artifacts


Integrate with your development process

Seamless integration with your build and release processes.

  • Submit code manually or use continuous integration
  • Define separate rules and certificates for internal and release builds
  • Use notifications and REST APIs

TRY IT NOW - We will guide you through

You don‘t have to become an expert for certificates, cyphers, key-strength, PKI, CRLs, timestamps or anything else that happens under the hood. But we do tell you about it and help you understand the consequences. There are some important choices that you need to make along the way, and we will guide you through them.


The signing process is performed in a secure and correct way

Your private keys are kept secure

Rest assured that your private keys can never be compromised.

  • Create, manage and renew code signing certificates
  • Private keys are automatically generated and stored in a FIPS-certified Hardware Security Module (HSM)
  • HSM and servers are located in physically secured data centers
  • No need to hassle with USB tokens or rely on unsafe certificate storage


Choose from many signing methods

These signing methods are currently supported:

  • Authenticode: installers and executable code
  • ClickOnce manifests: Smart Clients, Microsoft Office Add-ins
  • Open Packaging Convention: Visual Studio extensions
  • NuGet packages
  • Java archives
  • Timestamps
  • Cryptographically secure SHA-2 signatures

Icon Security

Get instant reputation with EV certificates

Benefit from the extended trust offered to Extended Validation (EV) certificates

  • Get instant SmartScreen reputation, no warnings
  • guarantees private key EV compliance
  • Simple integration with build automation: no USB tokens, no drivers, no password prompts