Microsoft Designated Windows Hardware Partner CA

ZoTrus Technology selects Sectigo from the six Microsoft-designated CAs for issuing EV code signing certificates that can be used to register for Windows Hardware Partner Center to issue both regular code signing certificates and EV code signing certificates to users. ZoTrus Technology's founder has a 21-year partnership with Sectigo, this long-standing collaborations.

Microsoft Hardware Certification Designated CA

yes

Microsoft Windows Trusted CA

yes

Cloud Signing Service Preferred

To be activated

UKey Local Signing Preferred

Yes, it is China made UKey delivered by SF Express from Shenzhen.

Root CA certificate compatibility

Best (Old root since 2004)

Certificate Type

OV and EV code signing certificates

Free timestamp

Available at: http://timestamp.sectigo.com

Identity Validation

CA checks business registration databases and provides Chinese telephone call verification.

Certificate issuance time

1-3 business days

Certificate signing availability time
(UKey Local Signing)

After the certificate is issued, the UKey will be delivered from Shenzhen by SF Express within 24 hours.

Certificate signing availability time
(Cloud Signing Service)

Cloud signing service is available immediately after certificate issuance.

Certificate availability status reminder

Email, WeChat

Choose one of the two options

When applying for a certificate, choose cloud signing or local signing.

Certificate Path (IV/OV)

Certificate Path (EV)

Code signing and code signing certificate basics

Code signing is a method of digitally signing files, programs, or software updates using X.509 certificates to ensure that the files or software have not been tampered with or corrupted. It provides users with an extra layer of protection, ensuring the software code is trustworthy and secure. Software developers digitally sign their software programs, applications, and drivers using code signing certificates to prevent unauthorized parties from tampering with or corrupting applications. Unsigned applications are easily modified to include malware or viruses; these untrusted applications display warning messages, leading to lower installation rates. Code signing certificates issued by CAs trusted by Windows can prevent all these problems.

Users can choose from three types of code signing certificates: IV Code Signing Certificate for personal, OV Code Signing Certificate for Organization, and EV Code Signing Certificate for Organization. The different uses of each certificate are shown in the table below. Please select the appropriate code signing certificate according to your needs. These certificates are used for digitally signing different types of code files, such as: .sys, .cat, .exe, .dll , .cab, .ocx , XML, .jar, .apk , .arx , .air, .airi , .xap , Office VBA , etc.

Given that quantum computing will be able to quickly crack digital signatures implemented using traditional cryptographic algorithms in the future, international standards organizations have set a timeline to shorten the validity period of code signing certificates to 450 days (one year and three months) since March 1, 2025. This means that from March 1, 2025, users will only be able to purchase one-year code signing certificates. The validity period of SSL certificates will also be shortened to 47 days, reflecting this trend towards shorter validity periods for code signing certificates. Therefore, it is recommended that users purchase code signing cloud services, where they don't need to worry about the validity period of the code signing certificate, but only need to purchase the required validity period of the code signing cloud service.