特色 

• 開發商所發行的代碼程序或內容若通過代碼簽名驗證可提升軟體的下載、採用率和發行率。
• 減少代碼程序及內容出現錯誤訊息和安全性警告，建立品牌的信任關係。
• 防止使用者下載到含有惡意檔案的代碼程序及內容。
• 終端使用者透過互聯網和行動網絡下載、安裝代碼程序和內容時，由系統跳出開發者的信息，大幅提高安全性。
• 確保終端用戶知道該軟體是合法的，且該代碼自發行以來沒有被篡改過。
• 與業界領先者同行：GlobalSign 代碼簽名證書所支持平台類型多元，超過其他任何供貨商。

適用於以下系統及瀏覽器：

Code Signing for Microsoft Authenticode

Digitally Sign Applications and Kernel Software for Windows
GlobalSign Code Signing Certificates for Microsoft Authenticode are used to sign 32 and 64 bit files including .exe, .cab, .dll, .ocx, .msi, .xpi, .xap, ActiveX controls, and kernel software.

Signing your Windows files and applications binds your identity to them, protects them from tampering, and can help prevent users from abandoning the installation process by removing alarming security messages that accompany unsigned code.

When you sign Microsoft Authenticode with a digital certificate, you ensure users that the plug-ins, software, and code they are downloading is coming from a trusted source. Authenticate your identity, and eliminate error messages that warn against downloading malicious code with code signing certificates from GlobalSign.

Code Signing for Adobe

AIRDigitally Sign AIR Applications and Software
GlobalSign Code Signing Certificates for Adobe AIR are used to sign .air and .airi files. Adobe requires software vendors and developers to digitally sign all of their AIR applications in order for them to run successfully.

Signing .air applications authenticates your identity as a publisher or developer. Before users download your .air app, they will see that you are a verified source and that the content is safe.

By protecting against tampering and binding your identity to your code, you protect your reputation and intellectual property, as well as increase user trust and download rates.

Code Signing for Mac OS

Digitally Sign Apple Desktop Applications
GlobalSign Code Signing Certificates for Apple Mac are used to digitally sign software, applications, plug-ins and content for Mac OS desktops. Code Signing technology was introduced by Apple for Mac OS 9 onwards.

When end-users download signed Mac OS applications, they can be assured of the source (the publisher who signed it) and the integrity (that the software has not been tampered with or corrupted since it was signed) – providing the same level of trust as shrink-wrapped software from a store.

Code Signing for Mozilla

Digitally Sign Mozilla and Legacy Netscape Object Files
GlobalSign Code Signing Certificates for Mozilla and Netscape Objects are used to digitally sign Mozilla XPI packages for Firefox and Thunderbird and files for Netscape Objects.

Signing code is beneficial to both you and the end user. You benefit by protecting your code from tampering and building your reputation as a developer, while your end users enjoy peace of mind knowing the application they are downloading is safe and comes from a verified source.

Code Signing for VBA and Macros

Digitally Sign Microsoft Office Macros and Visual Basic Applications (VBA)
GlobalSign Code Signing Certificates for Macros and VBA are used to digitally sign VBA objects, scripts, and macros within Microsoft Office.

When end users open documents containing unsigned macros, they receive security alerts advising them "not to enable content unless they trust the source of the file". Digitally signing your macro binds your identity to the code and displays your name within the file, alleviating the end user's concern about running code from an unknown source. Any changes to the macro made after the signature has been applied, such as insertion of a virus, will invalidate the signature, protecting your name and reputation.

Code Signing for Java

Digitally Sign .jar Files and Java Apps
GlobalSign Code Signing Certificates for Java are used to sign .jar files and Java applications for desktop and mobile devices and are recognized by Java Runtime Environment (JRE).

Digitally signing your .jar files and Java applications protects your code against tampering and binds your identity to the code, assuring end users that the code originated with you and can be trusted. Security warnings that appear when downloading unsigned code are removed.

Code Signing for Microsoft Authenticode

• Use Internet Explorer 5.0 or higher.
• If you are using Internet Explorer 7 or higher on Windows Vista or higher, please enable Active X.
• Use Windows 2000, XP, or higher.
• Must use the same PC, Windows login/user profile, and browser for enrollment and certificate installation.
• If enrolling with Windows 2000 or XP, the file format you will receive is .spc and .pvk
• If enrolling with Windows Vista or higher, the public and private key will be stored in your system registry and exportable as a .pfx

Code Signing for Adobe AIR

• Minimum Browser Requirement – Firefox 1 or higher.

Code Signing for Mac OS

• Minimum Browser Requirement – Firefox 1 or higher.
• Apple Mac OS 9 or Mac OS X

Code Signing for Mozilla

• Minimum Browser Requirement – Firefox 1 or higher.

Code Signing for VBA and Macros

• Use Internet Explorer 5.0 or higher.
• If you are using Internet Explorer 7 or higher on Windows Vista or higher, please enable Active X.

Code Signing for Java

• You will need to generate your Certificate Signing Request (CSR) before starting the application process.

SSL (Secure Sockets Layer) 數位憑證特色

GlobalSign offers a range of SSL options ensuring your public servers and sites are in line with industry best practices, but also offers cost effective-options for internal servers and special use cases. All domains are pre-vetted so certificates are immediately issued and available for installation.

SSL Certificate 憑證種類：

增強型SSL憑證 EV SSL
Extended Validation SSL lends more credibility to your site and increases visitor trust by displaying prominent security indicators, such as turning the browser address bar green and displaying your organization’s name.

• Displays the green address bar, promotes trust, and boosts customer confidence
• Supports Certificate Transparency to enable green address bar in Chrome
• $1.5 million underwritten warranty

業型SSL憑證 OV SSL
Organization Validated (OV) SSL Certificates are the core of GlobalSign's Managed SSL platform and are used to secure and authenticate both public-face and internal sites and servers.

• Wildcard option secures unlimited subdomains for one or more domains on one certificate (e.g., *.yourdomain.com, *.mydomain.com, etc.)
• Wildcard SANs options allow Wildcard options within multiple SANs within a certificate
• $1.25 million underwritten warranty

內網專業數位憑證 Intranet SSL
IntranetSSL provides a cost effective solution to secure internal servers, applications, and IP addresses that do not require public trust yet want to benefit from SSL encryption. With IntranetSSL, enterprises receive the same high level of security and certificate features of publicly trusted SSL Certificates, but the certificates are issued using GlobalSign non-public CAs. IntranetSSL is available directly via GlobalSign's Certificate Management portal.

Beginning 1 November, 2015, the CA/Browser Forum will prohibit the use of internal server names and reserved IP addresses in publicly-trusted SSL Certificates.  This means if you normally receive SSL Certificates from a public CA (such as GlobalSign), you won't be able to use their certificates for internal server names any more. IntranetSSL from GlobalSign allows enterprises to continue to issue SSL to internal server names and reserved IP addresses without the need to run your own CA or use self-signed certificates, because the certificates are issued using GlobalSign's non-public CAs.

Why use IntranetSSL?

• Beginning 1 November, 2015, the CA/Browser Forum will prohibit the use of internal server names and reserved IP addresses in publicly-trusted SSL Certificates
• Continue issuing SSL Certificates containing internal server names and reserved IP addresses without the need to run your own in-house CA or use self-signed certificates
• Secure internally used domain names and servers that do not require public trust
• Issue certificates with options which would otherwise not be permitted under public hierarchies including the use of SHA-1 and 4-5 year certificates.
• Utilize GlobalSign's WebTrust-certified infrastructure and management tools to discover, track, report, and manage all certificates across a dynamic server inventory

• Eliminates the need to run your own CA or use self-signed certificates for special use cases
• Issue SSL with internal server names, long validity periods (up to 6 years), and more flexible contents over publically trusted certificates
• Wildcard option secures unlimited subdomains on one certificate (e.g., *.yourdomain.com)
• Can select from SHA-1, SHA-256, and ECDSA hierarchies and hashing algorithms

PDF 文檔簽名憑證解決方案 GlobalSign's PDF Signing solution

通過網路發布的 PDF 文件可以使用 PDF 文件簽名憑證進行身份簽名或確認簽名，簽名後的文件則可以向用戶證實 PDF 文件簽署人的真實身份，簽署人的真實身份是通過權威的第三方進行審核並確認，同時也保護了 PDF 文件在傳輸的過程中沒有被非法篡改，從而使得簽名後的 PDF 文件可以安全可靠的用於企業之間電子文件交換和電子合同簽署。

保護機密性高的文件
保證重要文檔的真實性、完整性和有效性，包括文件的完整性，著作權，以及時間戳。

遵守監管規範
允許您在需要簽章認證的文件中添加電子簽名。

簽名認證與審批簽字
使用 PDF憑證可以進行證實簽名與審核簽字，強化網路文件傳輸的信賴度。

可靠地告知文件的有效性
在重要文件上傳名簽名認證和審批文件的資訊，並標示其為有效證件。

Auto Enrollment Gateway

Auto Enrollment Gateway是作為連接GlobalSign’s SaaS認證服務及Windows環境的連接器，模擬Certificate Authority (e.g. Microsoft CA)的認證要求。GlobalSign的安全管理、可信賴性與CA運作可以對用戶保持一定控管及政策維護。 
By leveraging Windows Server and Active Directory capabilities, a transparent certificate management experience is supported through auto-enrollment and silent installation. AEG can be used to enroll and issue certificates to all types of Active Directory Objects, including users and machines.

Active Directory Integration
Use your local Active Directory and Windows Certificate Services to enroll and issue certificates to all domain-connected user and machines.
Automated PKI Management
Automatically issue and manage certificates throughout their life cycle, including renewal.    
Zero-Impact Multi-Factor Authentication
There is no client software to install and certificates are automatically enrolled and silently installed for all users and machines across the organization.
SaaS CA
Outsource cryptography and certificate management services to a publicly trusted CA.
Flexibility
A wide range of pre-designed certificate templates enable PKI-based authentication for a variety of use cases, including user and machine authentication, SSL for public website, S/MIME, and smartcard logon.

Enterprise PKI

Enterprise PKI (EPKI) is a cloud-based managed PKI service to issue and manage GlobalSign Client Certificates. The EPKI web portal / APIs provide administrators with a cost effective and easy to use solution to simplify PKI deployments and eliminate the need to host your own Certificate Authority. With EPKI, enterprises have the necessary tools to maintain full control of their PKI requirements without the complexities and overhead cost of running an inhouse CA.

Trusted Root Certificates

GlobalSign’s Trusted Root Signing service allows suitably qualified organizations to capitalize on their investments in PKI or CA software to issue digital certificates which chain up to GlobalSign’s publically trusted Root Certificate. Use cases for Trusted Root include issuing SSL Certificates to domains owned or controlled by an organization and client certificates to extranet users/stakeholders for secure email and authentication purposes.

The goal for Trusted Root is to simplify internal processes surrounding the issuance and lifecycle management of digital certificates. The GlobalSign Root Certificate is already distributed in all operating systems, browsers, and mobile devices, meaning that all GlobalSign Certificates are transparently trusted. By chaining to the GlobalSign Root, qualifying organizations no longer need to rely on self-signed certificates or worry about distributing their own Root Certificates, a time consuming and costly process.

Organizations using Trusted Root must meet the operational best practices in effect for Certificate Authorities, including compliance with CA/B Forum baseline requirements. For that reason, there are a number of technical, procedural, contractual requirements that must be met and maintained via regular auditing.

Trusted Timestamping

GlobalSign's trusted timestamping Software as a Service (SaaS) provides a low cost and easy method to apply RFC 3161 trusted timestamps to time-sensitive transactions through independently verified and auditable date and UTC (Coordinated Universal Time) sources. GlobalSign timestamping service helps organizations reduce potential liability associated with time-sensitive transactions by providing a long term validation and non-repudiation of the time and date the transaction took place using standards-based implementation that is easily recognizable and compatible.

Adding a trusted timestamp to code or an electronic signature provides a digital seal of data integrity and a trusted date and time of when the transaction took place. Recipients of documents and code with a trusted timestamp can verify when the document or code was digitally or electronically signed, as well as verify that the document or code was not altered after the date the timestamp vouches for.

Digital Signatures for Microsoft Office

GlobalSign's PersonalSign Digital Certificates allow you to digitally sign Microsoft Office documents. A digital signature is the virtual equivalent of a wet ink signature, carrying the signer’s identity and assuring the reader of the document’s integrity.

Placing a digital signature on a document proves the information originated with the signer and has not been altered, allowing secure electronic document workflows to replace tedious, paper-based processes.

Secure Email

GlobalSign PersonalSign Certificates use S/MIME technology to allow users to digitally sign and encrypt email.
Digitally signing an email proves authorship and prevents tampering, assuring the email recipient that the email came from you, not an imposter, and that the content of the email has not been altered in transit.

Encrypting email ensures message privacy and keeps sensitive information from falling into the wrong hands.

Secure Email is achieved using GlobalSign's Digital Certificate solution called PersonalSign. PersonalSign Certificates are cryptographic signing certificates that bind your verified, physical identity to the certificate so recipients of email messages can verify that the email actually came from you.