Code signing certificates - recommendations

Question

Hi

For many years I have purchased my code signing certificate via https://www.ksoftware.net/ - the last time a 3 year OV code signing certificate. This year the company won't even respond to emails and looking on review websites e.g. trustpilot has gone down hill dramatically and I am not sure I can trust them.

My previous certificate was an OV issues by Sectigo (previously) Comodo.

A lot has changed since I last renewed as with OV you didn't need a hardware token like you did with EV, but it seems now you do, so prices have also jumped up.

Just wondered if others here had recommendations on good suppliers / issuers? as always a worry paying money to a company never used before and so many other CA's e.g. Certum, Globalsign, DigiCert etc as well as the my previous (Sectigo), so not sure where to turn.

I am based in UK if that makes any difference, although it seems from research already done that most will be shipping tokens from US! hence additional costs for shipping as well!, but will renew for 3 years to negate that cost a bit.

Thanks

Answer 1

As per new CA/B forum guidelines for strengthening data security, hardware tokens/HSMs are now mandatory even for OV code signing certificates.

I have also been using code signing for years now, whereby I usually obtain my code signing certificates from SignMyCode for their pricing and trustworthy assistance from their support team for obtaining code signing certificates. I can surely recommend them to someone for their code-signing solution partner.

You can check out Comodo, Sectigo, and DigiCert CA-based code signing certificates are offered by SignMyCode.com here: https://signmycode.com/uk/code-signing-certificates