SearchSupportFree trial
Contact us

FAQs

FAQsCode Signing

What is the key attestation for Code Signing?    

Updated on November 28, 2025

Similar Questions:

How does Key Attestation work in Sectigo SCM?  

How do I set up Code Signing Certificates with Key Attestation in Sectigo SCM? 

What steps are needed to create a Code Signing Certificate with Key Attestation?  

How to create code signing certificates with key attestation in Sectigo SCM? 

Overview: 

This document describes the steps needed to produce Code Signing certificates with Key Attestation in the Sectigo Certificate Management platform.

This step-by-step guide covers the steps for:

i) Creating the Certificate Profile

ii) Enrollment form

iii) Submitting the certificate with Key Attestation via the form. 

Steps to follow: 

Creating the Assets in SCM:  

A) Create a Code Signing Certificate Profile.   
 

  1. Choose “Code Signing Certificate” as the “Certificate Type”: 
     

  1. Choose a CA Backend that supports code signing with Key Attestation: 
     

  1. Choose a Certificate Template having Key Attestation: 

  1. Assign terms: 
     

B) Create a Code Signing Enrollment form: 

  1. Ensure the type is “Code Signing Certificate Enrollment Form”: 
     

  1. Generate a URL extension: 
     

  1. Save 

Add the Enrollment form to an account 

  1. Select the Enrollment form and click the “Account” option: 
     
     

  1. Click to add the new account: 
     
     
     

  1. Configure the Organization Department Profile 
     
     

 

C) Submitting the CSR with Attestation via Enrollment Form 

Send an invite to the user who will be sending the CSR & Attestation 

  1. Access “Certificates” > “Code Signing Certificates” from SCM: 
     
     

  1. Click “Invitations” from the top-right corner: 
     

  1. Click the “+” Icon: 
     
     

  1. Enter the following: 

  1. Email (Email of the recipient who will provide the CSR & Attestation 

  1. Enrollment Endpoint (The Enrollment form to be used) 

  1. Account (This should populate based on the selected Enrollment endpoint, in case it does not, select the Account having the key attestation template) 

  1. Click the “Send” control: 
     

D) Submitting the CSR with Attestation: 

  1. The recipient needs to open the email they received from the enrollment form: 
     
     

  1. The recipient will need to enter:  

  1. The Certificate Term: 
     

  1. The “Certificate Email” (San) 
     

  1. First Name 
     

  1. Last Name 
     
     
     

  1. The recipient will need to upload the CSR 
     

  1. The recipient will need to add the Key Attestation 

  1. The value: 
     

  1. The HSM Type: 
     

  1. Any mandatory Custom fields will need to be entered. 
     

  1. The user must accept the EULA 
     

  1. Submit the enrollment 
     

 

 

 

 

 

Related Articles:  

Tags: 

 

Need assistance?

Contact our team for help with your purchase or issuing your certificate.

Live chat

Click the button below or click "Chat with an Expert" to start chatting with us now!

Start chat

Call us today

United States
+1 888 266 6361
France
+33 3 66 72 95 95
Italy
+39 02 4792 1708
Spain
+34 900 838 451
Germany
+49 800 1002328
International
+1 914 732 844

Resources