Starting on June 1, 2023, at 00:00 UTC, industry standards will require private keys for standard code signing certificates to be stored on hardware certified as FIPS 140 Level 2, Common Criteria EAL 4+, or equivalent. This change strengthens private key protection for code signing certificates and aligns it with EV (Extended Validation) code signing certificate private key protection.
The new private storage key requirement affects code signing certificates issued from June 1, 2023, and impacts the following parts of your code signing process:
DigiCert® KeyLocker: General availability coming May 30, 2023
Want to eliminate tokens from your code signing certificate process? DigiCert will begin offering our new cloud-based solution, KeyLocker, where you can generate a private key and a CSR for code signing and EV code signing certificates. More information coming….
DigiCert® Software Trust Manager
Looking for something more robust? Transition to DigiCert® Software Trust Manager to improve your software security with code-signing workflow automation that reduces points of vulnerability with end-to-end company-wide security and control in the code signing process—all without slowing down your process.
To learn more about how DigiCert® Software Trust Manager has helped other organizations, see our case study Automated Signing Speeds Build Times While Improving the User Experience.
Please contact DigiCert Support for further assistance.