OV Code Signing and FIDO Stick mandantory starting June 2023

Hi all.
I’ve got an eMail from Sectigo some days ago stating that OV Code Signing certificates will require either a Sectigo token or a FIPS-compliant USB-Stick starting June 2023.

Is this pure marketing or should one buy the standard software-based certificate as long as it’s possible (they write possible until April 2023)?

Does someone already use a FIDO-Stick for signing? If so are there any issues?


As far as I know this is only needed to buy (or renew) a certificate. Not for code signing it s

You are right. I should have stated that more clearly.
Existing software-based certificates will stay valid but you won’t be able to get a renewal for software based as I read it.
My certificate will expire in some months and I don’t know if i better renew the software certificate or wait and get the FIDO-type cert.

I’ll be interested in this too.
Does it come in usb-c ?

I recently renewed for the 3 years, losing a year of my existing certificates.
If this is too arduous in 3 years time I’ll probably shut up shop.

Will that be similar to the USB token you already need for an EV certificate?
If so, I had issues for quite some while, when the licensing tool sometimes took hours to open the key. I don’t know if a Parallels, Windows or tool update fixed it. But since a while no issues anymore, once the key is unlocked sign tool can access it like it would with a pure software key.


lol. When I read “Fido” I instandly think of Fido-Net (yeah, that prehistoric pre internet communication system). I was hub and nc of Zyxelnet. THAT where the times!

But back to topic, I think it’s time for me to go for a EV cert, so I go get that HSM from Sectigo.

b.t.w. if I remember right a dog was the eponym for fidonet :wink: