Nigel Thomas 28 Posted March 8, 2023 I've just dug out the old K-Software "renewal" offer, appending it here just for info. Quote On 2017-08-17 we received order number XXX for a Code Signing Certificate for the name XXX This certificate will expire on 2021-08-17 Because code signing certificates have to be re-keyed every time and the expiration dates are encrypted into the certificate directly, there isn't a true renewal process for code signing like there are for some other types of SSL certificates. DON'T PANIC! Step 1 : Place a new order for an OV code signing certificate from our website : https://www.ksoftware.net/ - names, email addresses or postal addresses can be changed at that point. Use the coupon code XXX for a 10% discount on any term. To make the process as smooth as possible, we recommend using 'real' IE -- that is the only browser that supports secure key generation these days (the certificate is in NO way tied to IE afterward, it is just the best tool to generate a key and CSR automatically). Step 2 : After the new order is in, open a ticket with the Sectigo team from https://codesigning.ksoftware.net/comticket and let them know that you had a previous code signing certificate, making sure you include both your old and new order numbers (the old order number is above). They'll reply back and ask if any additional information is needed. Step 3 : Sectigo will issue the new certificate directly to you via email, don't forget to collect on the same PC/Browser that you used in Step 1, then you can export to a PFX/P12 file with the instructions from here : http://codesigning.ksoftware.net/export Please feel free to reply to this email or give me a call if you have any questions or concerns. -- - Mitchell Vincent - K Software 2 Share this post Link to post
astral2k5 2 Posted April 19, 2023 (edited) We've also used for the last 10 years certificates from Comodo(now Sectigo) through Tucows and then KSoftware. But after reading this post, checking what's with KSoftware I saw the bad reviews on trustpilot for the last year and other blog posts. So I began to search for a safe and better alternative, and found 2: ssl.com (they have their own CA from what I understood) and ssl2buy.com (they use Sectigo CA and DIGICERT CA), SSL.COM offers OV Code Signing Certificates for up to 10 years (but the certificate is for 3 years and you need to get verified again for each 3 year period) the price seems correct, not cheap. I liked that they will offer the option to use your own FIPS YubiKey with their certificate after 1st June 2023. The second option I found and decided to use is ssl2buy.com (they have good chat support and good reviews on trustpilot), I ordered the 3 years OV code certificate and hope to have it in a 1-2 days (already in contact with Sectigo for callback) I also got a good deal for 42.90$/year on the 3 year and for my first order an extra 10% so 116$ 🙂 really cheap. You can find the special deal on this page, is valid till April 30th. On Sectigo page they say they allow till 24th Apr orders without the FIPS Token. https://www.ssl2buy.com/cheap-code-signing-certificates-ads Hope this helps others finding a reliable alternative to KSoftware. P.S: After you place the order, they send an email where you generate the CSR code (doesn't matter which browser you use), make sure you save your private key. Edited April 19, 2023 by astral2k5 Share this post Link to post
Vincent Parrett 657 Posted April 19, 2023 If you use CI or automated builds, avoid using yubikeys as there is no way with the client software (built in windows smartkey client) to automate the code signing - you cannot get past the prompt for the certificate password. Share this post Link to post
astral2k5 2 Posted April 20, 2023 (edited) 11 hours ago, Vincent Parrett said: If you use CI or automated builds, avoid using yubikeys as there is no way with the client software (built in windows smartkey client) to automate the code signing - you cannot get past the prompt for the certificate password. Yes, that's why I decided to renew the OV certificate 8 months in advance, so I have another 3 years without a token 🙂 Edited April 20, 2023 by astral2k5 Share this post Link to post
Rollo62 502 Posted April 20, 2023 Better check whats going on with USB-Token requirements. I'M still fine, have 2.5 years validity left, and hope then after that it will be all smooth and easy. Share this post Link to post
KenR 29 Posted April 20, 2023 This will be such a pain in the **** - I also renewed early for 3 years to avoid it for now! Share this post Link to post
rvk 29 Posted April 21, 2023 I also just renewed for 3 years this week. If all goes correctly I will be getting a fourth year for free (including a usb-token) according to the latest offer from Sectigo. Share this post Link to post
![Delphi-PRAXiS [en]](https://en.delphipraxis.net/uploads/monthly_2018_12/logo.png.be76d93fcd709295cb24de51900e5888.png){kind=logo}
