Code Signing Certificate Provider Change – GlobalSign Root Certificate Requirement

+ More

Table of Contents

Overview Impact Resolution Ensure GlobalSign CA Certificates Are Installed Download the GlobalSign Root Certificate Install the Certificates Verification Additional Information

Overview

We have changed the code signing certificate provider used to sign our product binaries.
Previously, our software packages were signed using certificates issued by DigiCert.
Starting with recent releases (v25.4.0.5), the software is signed with certificates issued by GlobalSign.

To ensure that the operating system correctly validates the software signature, systems must trust the GlobalSign Certification Authority (CA).

Impact

If the GlobalSign root or intermediate certificates are not present in the system trust store, you may encounter one or more of the following issues: software installation issues, software failing to run or load dependencies, code signature verification failures, security warnings during installation or execution. This requirement applies for running all EDP components: servers, agents, cloud connect, etc.

This typically occurs on systems with restricted certificate stores, offline environments or hardened servers where root CA updates are disabled.

Resolution

Ensure GlobalSign CA Certificates Are Installed

The system must trust the GlobalSign root and intermediate certificates.

In most environments connected to the internet, the certificates will be installed automatically through the operating system's root certificate update mechanism.

For restricted or offline environments, you may need to install the certificates manually.

Download the GlobalSign Root Certificate

Download the required certificate (GlobalSign Code Signing Root R45, thumbprint 4efc31460c619ecae59c1bce2c008036d94c84b8) from the official GlobalSign repository:

Install the Certificates

  1. Download the required GlobalSign root certificate.
  2. Open Microsoft Management Console (MMC).
  3. Add the Certificates snap-in for the Local Computer.
  4. Import the certificate into: Trusted Root Certification Authorities
  5. Complete the import wizard.

Verification

After installing the certificate:

  1. Right-click the product executable or installer.
  2. Open Properties → Digital Signatures.
  3. Confirm the signature is issued by GlobalSign and is shown as valid.

Additional Information

This change only affects the certificate authority used for code signing.
No functional changes have been made to the software itself.

If you continue experiencing signature validation issues, please contact our support and include:

  • Product version
  • Operating system version
  • Screenshot of the signature validation error

Related Articles