現代虎符 - CA(憑證)
EV CA Survey for Phoenix
Extended validation code signing certificates
(required for UEFI, kernel-mode drivers, and LSA certifications)
US 479 (NT15,989) for 3 years
DigiCert Order Form - Purchase Digital Certificates
Step2: 商家 for 組織
Google My Business, or Data.com Connect business directory.
Please follow one of the links below to list your company:
(must be Google My Business, Google+ is not sufficient)
Step3: 確認 by Phone Call
Step4: Legal Review
Section 4.9.1 of our Certificate Policy, which coincides with the Baseline Requirements for issuance of certificates for all Certificate Authorities, states the following regarding circumstantial situations associated with revocation:
"For code-signing certificates, the certificate was used to sign , publish, or distribute malware or
other harmful content, including any code that is downloaded onto a user’s system without their consent."
EV Code Signing certificates are under strict scrutiny for being associated with PUP, Malware and/or
Adware among other things. Microsoft has specifically requested we not issue any EV Certificates to entities with confirmed instances.
Step5: HSM Audit Letter Sign
Step6: 簽收 @ 2016.12.16
Activate Your EV Code Signing Hardware
SafeNet eToken 5110 Token-Based Authentication
Token category: Hardware
Reader name: AKS ifdh 0
Serial number: 0x02538d1a
Total memory capacity: 81920
Free space: 32767
Hardware version: 12.0
Firmware version: 12.0
Card ID: 02538D1A
Product name: SafeNet eToken 5110
Model: Token 188.8.131.52 12.0.12
Card type: Java Card
OS version: eToken Java Applet 1.7.7
Mask version: 10.0 (a.0)
Supported key size: 2048 bits
Token Password: Present
Token Password retries remaining: 10
Maximum Token Password retries: 10
Administrator Password: Absent
FIPS: FIPS 140-2 L3 initialized
Common Criteria: N/A
Sign padding on-board: Yes
The current password that you will need to enter is: kDIRyNnVG7EhIhWG
a.) Install the Device Driver and Client Software
b.) Change your eToken's password
Step9: Downloading the Code Signing Cross-Certificate
Before you can use Signtool to sign applications, you need to download the DigiCert Code Signing Cross-Certificate on the computer where you installed your Code Signing Certificate. You will need to specify this certificate in Signtool.
Click here to download the DigiCert Code Signing Cross-Certificate
All DigiCert® SSL Certificates issued with expiration dates after January 2011 are issued from a 2048-bit certificate path. The root certificate in this path is titled DigiCert High-Assurance EV Root CA and is already trusted by all modern browsers.
Cross-Certificates for Kernel Mode Code Signing
Sign with cross-certificate for SHA1&SHA256
Step11: DigiCert® Certificate Utility for Windows
Certificate Management & Troubleshooting Made Easy
The Utility simply mirrors information that is in the personal certificate store of the local computer account, where the utility is being run.
Likely one is the main cert and one is a duplicate certificate of that main one. Nothing is wrong with having more than one certificate on the server.
國際駕照 + ESTA