Code Signing certificates are now required to be installed on physical hardware tokens. For standard Organization Validation (OV) Code Signing certificates, you can either purchase pre-configured certificate tokens, or you can order a certificate to be installed on an existing hardware device you already own.

When purchasing your code signing certificate, you can choose the Certificate Delivery Method that works best for you. Please make sure to select the correct certificate delivery method before you complete your purchase, as the method cannot be changed afterward.

Token + Shipping

To order a pre-configured token from the Certificate Authority, select the Token + Shipping method. The cost of the hardware and the shipping fees will be included in the purchase price.

Install on Existing HSM

If you already own a compatible Hardware Security Module (HSM) and would prefer to install the code signing certificate on your own device, select the Install on Existing HSM method. 

Your HSM must meet the FIPS 140-2 level 2 standard at minimum.

Install on Existing Token

DigiCert Code Signing certificates can be installed on an existing SafeNet USB device. The following SafeNet series are supported: 

    SafeNet eToken 5110+ FIPS

    SafeNet eToken 5110 CC (RSA 4096 & ECC)

    SafeNet eToken 5110 FIPS (ECC ONLY)

What If I Chose the Wrong Method?

The certificate delivery method cannot be changed after your purchase is completed. If you need to use a different certificate delivery method, please cancel your order through your account dashboard and purchase another certificate with your preferred method selected.