Code Signing Certificate Provider Change – GlobalSign Root Certificate Requirement

+ More

Table of Contents

Overview Impact Resolution Download the GlobalSign Root Certificate Install the Certificates Verification Additional Information

Overview

We have changed the code signing certificate provider used to sign our product binaries. Previously, our software packages were signed using certificates issued by DigiCert. Starting with recent releases (25.4.0.5 and newer), the software is signed with certificates issued by GlobalSign. To ensure that the operating system correctly validates the software signature, systems must trust the GlobalSign Certification Authority (CA).

Impact

If the GlobalSign root or intermediate certificates are not present in the system trust store, you may encounter one or more of the following issues: software installation issues, software failing to run or load dependencies, code signature verification failures, security warnings during installation or execution. This requirement applies for running all EDP components: servers, agents, cloud connect, etc. This typically occurs on systems with restricted certificate stores, offline environments or hardened servers where root CA updates are disabled.

Resolution

The system must trust the GlobalSign root and intermediate certificates. In most environments connected to the internet, the certificates will be installed automatically through the operating system's root certificate update mechanism. For restricted or offline environments, you may need to install the certificates manually.

Download the GlobalSign Root Certificate

  1. Navigate to the official list of GlobalSign's Root Certificates
  2. Download the following certificates
    • GlobalSign Code Signing Root R45, thumbprint 4e:fc:31:46:0c:61:9e:ca:e5:9c:1b:ce:2c:00:80:36:d9:4c:84:b8
    • GlobalSign Root R6, thumbprint 80:94:64:0e:b5:a7:a1:ca:11:9c:1f:dd:d5:9f:81:02:63:a7:fb:d1

Install the Certificates

  1. Open the Microsoft Management Console (MMC).
  2. Add the Certificates snap-in for the Local Computer.
  3. Import both certificates into the Trusted Root Certification Authorities store.
  4. Complete the import wizard.

Verification

After installing the certificate:

  1. Right-click the product executable or installer.
  2. Open Properties → Digital Signatures.
  3. Confirm the signature is issued by GlobalSign and is shown as valid.

Additional Information

This change only affects the certificate authority used for code signing.
No functional changes have been made to the software itself.

If you continue experiencing signature validation issues, please contact our support and include:

  • Product version
  • Operating system version
  • Screenshot of the signature validation error

Related Articles