Hi all,

today I have to share some fantastic news with you. First of all, we have been working hard on SetupBuilder 2025. Further details coming soon (TM).

Let us talk about code-signing. The good ol' days of .PFX code-signing certificates is over. So one of the SetupBuilder 2025 main key features is code-signing support for the new FIPS-2 Level 2 and Level 3 certificate standards.

Microsoft has quietly launched a fully managed end-to-end code-signing solution for developers: Trusted Signing. This is basically a replacement for the ridiculously overpriced Organization Validation (OV) and Extended Validation (EV) code-signing certificates. Both certificate types have in common that they are issued by a trusted CA-Authority (the cartel). Microsoft's Trusted Signing will drastically reduce the profits of the code-signing cartel!

What is Trusted Signing?

Trusted Signing is a complete code-signing service, backed by a Microsoft managed certification authority. It's a cloud-based micro-tuned service to make code-signing more accessible. It addresses the signing issues faced by individual developers by providing a comprehensive and affordable solution. It ensures the authenticity and integrity of code through a modern identity validation process, which is crucial for securing code signing certificates.

One of the key advantages of Trusted Signing is its cost-effectiveness. Trusted Signing offers two pricing tiers, starting at $9.99/month: Basic and Premium. Both tiers are designed to provide optimal cost efficiency and cater to various signing needs. The costs for identity validation, certificate lifecycle management, and signing are all included in a single offering, ensuring accessibility and predictable expenses. This eliminates the need for individual developers to invest in additional infrastructure and operations required to manage and store private keys securely.

Microsoft manages the full certificate lifecycle - generation, renewal, issuance - and key storage that is FIPS 140-2 Level 3 HSMs. The certificates are short lived certificates, which helps reduce the impact on your customers in abuse or misuse scenarios.

This is huge! Trusted Signing is officially in public preview. It supports organizations with 3+ years of verifiable business history and is now open for INDIVIDUAL developers.

SetupBuilder 2025 provides built-in support for OV/EV USB crypto-token, OV/EV cloud and the new Microsoft Trusted Signing technology.

If you are interested, I am looking for some beta testers for USB crypto-token, cloud and Microsoft Trusted Signing code-signing! Please send an e-mail to support [at] lindersoft [dot] com

Get ready to support Trusted Signing! Create an Azure account today at azure.microsoft.com and add a Trusted Signing Account service. Thank me later <g> If you need help with this process, please let me know.

Friedrich

--
Friedrich Linder
Lindersoft | SetupBuilder | www.setupbuilder.com
Voice: +1.954.537.3701 | Fax: +1.954.537.3702

-- SetupBuilder "point. click. ship."
-- Industry leaders count on SetupBuilder to deliver...
-- Sectigo OV/EV Code-Signing and SSL Certificate Partner