Digital certificates and malware go together like peanut butter and petroleum jelly — they can be sandwiched together easily, but the result is not exactly tasty or good for you.
As you may know, digital certificates are used to cryptographically sign executable code and documents. If the digital certificate used for signing the content was issued from a certificate authority you or your computer trusts, then the content will more likely be accepted for execution or opening, without warning messages.
The general process of code signing goes something like this:
1. The developer receives a code-signing digital certificate from a trust certification authority (CA).
To read this article in full or to leave a comment, please click here