Comodo/Sectigo EV Code Signing Installation (Token + Shipping) : CheapSSLSecurity

Background Overview

After completing the enrollment -process for your Extended Validation (EV) Code Signing the Certificate Authority will begin the validation process. This process is not that much different than the regular Extended Validation SSL process, so if you need a refresher please check our other Knowledge Base article on this.

If you selected the Token + Shipping Method for your EV Code Signing certificate, the vendor will send you the pre-configured certificate USB token in the mail to your verified address as soon as validation is completed. You will need to download the SafeNet Authentication Client to use your EV Code Signing token.

What’s in the Package?

Depending upon your Certificate Authority, the package might be slightly different but contained inside the package should be the following items.

USB token - this contains your certificate with its private key
Letter from the Certificate Authority – This is the letter

Installing Safenet Authentication Client

For this part of the process, it is best to refer to the letter received by the Certificate Authority which will include a URL to access and install the required software: Safenet Authentication Client. Download and open the appropriate installer for the machine that you wish to use during the signing process.

Follow the installation process and once complete, please perform a reboot to ensure that the SafeNet Authentication client has been successfully installed. After successfully installing the Safenet Authentication Client software, follow the steps below to use your EV Code Signing.

Plugging in the USB

Before plugging in the USB, open the newly installed Safenet Authentication Client software. Once opened, you are ready to plug in the USB key.

At this point, your SafeNet Authentication Client should detect the USB key and populate your card into the application as seen above.

Changing the Password

While it is not required, it is recommended that you choose to “Change Token Password,” which will open the interface to change the password for the token. Using the password received from the Certificate Authority in email format, input the existing password and input a new unique password that meets the security requirements of SafeNET.

Collecting the Certificates

To proceed with the collection of the certificate to sign your application, click the “Gear” icon which will change the interface so that it appears similar to the one below.

Once clicked the interface will show a sidebar with any available tokens and drop-downs. Proceed to click into the drop-downs until you locate the certificate by your organization or individual name.

At this point you’re ready to begin signing your application with your Extended Validation Code Signing certificate!