These instructions are only for Comodo/Sectigo Code Signing installation on SafeNet eToken. If you have a DigiCert Code Signing eToken, or you are installing your certificate on a hardware security module (HSM) please refer to one of the other guides in our Code Signing Certificate Hardware Setup knowledgebase.
Background Overview
After you have completed enrollment and validation for your code signing certificate, it will be delivered to you based on the certificate delivery method you chose when you first purchased it.
If you selected the Token + Shipping Method, the Certificate Authority will physically mail the pre-configured certificate USB token to your verified organization address. The CA will also send your certificate administrator an email containing a few instructions for setting up the token, including the token password.
Download SafeNet Authentication Client
To setup your code signing certificate token, you must download the SafeNet Authentication client. The CA has provided these downloads which include the SafeNet drivers, release notes, and user guides.
An important note about the User Guides: there are instructions for several operations that should never be attempted on your Comodo/Sectigo code signing token. Please review our guide for Preventing Locked eTokens for Code Signing and take caution when following the SafeNet documentation.
Windows Supported Windows OS: Windows Server 2022 (64-bit) Windows Server 2019 (64-bit) Windows Server 2016 (64-bit) Windows Server 2012 and 2012 R2 (64-bit) Windows 11 up to 22H2 Windows 10 (32-bit, 64-bit) up to 21H2 Windows 8.1 (32-bit, 64-bit) | SafeNet Authentication Client 10.8 R8 (Windows) OR SafeNet Authentication Client 10.8 R8 GA Minidriver (Windows) |
Linux Supported Linux OS: Red Hat 8 and 9 CentOS 8 and 9 Fedora 34, 36, and 37 Ubuntu 20.04 and 22.04 | SafeNet Authentication Client 10.8 R1 GA (Linux) |
Mac Supported Mac OS: macOS 12.1 (Monterey) macOS 11.6.2 (Big Sur) macOS 10.15.7 (Catalina) | SafeNet Authentication Client 10.8 R1 GA (MacOS) |
Install SafeNet Authentication Client
Unplug your eToken from your device.
Download the SafeNet Authentication Client (SAC) folder.
Click into the MSI folder, then click into either the x32 or x64 folder (whichever is required for your system). From there, run the MSI installer.
The SafeNet Authentication Client Installation Wizard window will be displayed on your Windows computer, click Next.
Select the appropriate language for SafeNet Authentication Client interface language, Click Next.
Accept the license agreement radio button, click Next.
Select Destination Folder, click Next.
Select the radio button for Typical Install, click Next.
Click Install. It may take a few minutes to complete installation.
Click Finish.
Finally, you may need to restart your system for these changes to take effect.
Setup Code Signing Token
Run SafeNet, then plug the code signing token into your PC. SafeNet should detect the token and display several options for token management.
Change the Password
While it is not required, it is recommended that you choose to “Change Token Password,” which will open the interface to change the password for the token. Using the password received from the Certificate Authority in email format, input the existing password and input a new unique password that meets the security requirements of SafeNET.
Viewing the Certificate
To view the certificate details, click the Gear icon near the top right of the SafeNet client.
Once clicked the interface will show a sidebar with any available tokens and drop-downs. Proceed to click into the drop-downs until you reach your organization's certificate.
At this point you’re ready to begin signing your application with your Code Signing certificate!
