- Home
- Learn
SSL & Web Security Learning Center
Expert guides and tutorials on SSL/TLS certificates, encryption, PKI, and digital security. Written by security professionals to help you protect your websites, applications, and users.
Featured Articles
Start with these essential guides on SSL and web security
84 articles found
How to Sign a NuGet Package (Step by Step)
Sign a NuGet package with dotnet nuget sign: use a hardware-based code signing certificate, reference it by SHA-256 fingerprint, add an RFC 3161 timestamp, then register the certificate on NuGet.org and verify. Includes the author-vs-repository signature split and the errors most first uploads hit.
How to Sign a VBA Macro (Word, Excel & PowerPoint)
Sign a VBA macro in Word, Excel, or PowerPoint: choose a code signing certificate in the VBA editor, timestamp it through the registry, and set your publisher as trusted. Plus why a correctly signed macro can still hit the red 'Microsoft has blocked macros' banner — and the fix.
EV vs OV Code Signing: Which One Do You Actually Need?
EV vs OV code signing in 2026: EV no longer skips SmartScreen, so standard OV is the right choice for most publishers. When EV is still required (kernel drivers, enterprise policy), what both now cost, and how the 460-day validity and hardware-key rules affect each.
The 'Unknown Publisher' Warning: Why It Appears and How to Fix It
The 'Unknown Publisher' warning appears when Windows can't verify who signed a program. What triggers it, how it differs from the SmartScreen 'unrecognized app' warning, why it can survive signing, and how a trusted code signing certificate replaces it with your verified name.
Code Signing Certificate Validity: The New 460-Day Limit
Since March 1, 2026, publicly trusted code signing certificates max out at 460 days — down from about three years — under CA/Browser Forum Ballot CSC-31. What changed, who's affected, how multi-year purchases now work as reissues, and how to plan renewals without a signing gap.
What Is a Digital Signature? How It Works with Certificates
A digital signature uses a private key to prove a file came from you and hasn't been altered, while a certificate ties that key to a verified identity. How signing and verifying work, what they guarantee, and the certificate types behind HTTPS, code signing, documents, and email.
What Is a CSR? Certificate Signing Request Explained
A CSR (Certificate Signing Request) is a signed PKCS#10 block that carries your public key and identity to a certificate authority — while the matching private key stays on your server. What's inside a CSR, how it becomes a certificate, and the mistakes that stall an order.
How to Install an S/MIME Certificate in Outlook (Windows, Mac & Web)
Get your S/MIME certificate working in every Outlook: import the .pfx into the store each version actually reads — Windows store, Outlook's own S/MIME settings, or the macOS Keychain — pick it as your signing certificate, and trade one signed email before you encrypt. Includes the five errors that stop most first setups.
What Is a Document Signing Certificate? Digital PDF Signatures Explained
A document signing certificate ties a CA-verified identity to your PDF and Office signatures. What separates it from a typed e-signature, how the cryptography works, what Adobe AATL membership changes for recipients, and how the eIDAS levels decide legal weight.
How to Sign a Windows Driver (Attestation Signing, Step by Step)
Kernel drivers only load when Microsoft signs them: what your EV certificate actually signs, the attestation submission in Partner Center step by step, why Windows Server needs WHQL instead, and what the April 2026 cross-signing cutoff broke.
How to Sign an MSI or MSIX Installer (Step by Step)
Sign MSI and MSIX installers with SignTool: why packages sign from the inside out, the one-signature-per-MSI rule that breaks dual signing, the MSIX publisher-match check behind error 0x8007000B, and how Inno Setup, NSIS, and WiX bundles each get signed.
Code Signing in CI/CD: How to Automate Signing Without Exposing Your Key
Since 2023 there's no key file to paste into a CI secret — automating signatures means connecting the pipeline to certified hardware. Compare USB tokens on self-hosted runners, SimplySign cloud sessions on a dedicated agent, and pipeline-native services, plus the design rules that keep unattended signing safe.
Written by Security Professionals
Our articles are created by the My-SSL team with over 10 years of experience in SSL certificates, PKI, and web security. We help businesses, developers, and IT professionals understand digital security with practical, accurate, and up-to-date guides.