The private key for a Comodo Code signing certificate is generated by the browser during certificate enrollment. When the submit button is pressed, a key pair of the selected size is generated. The private key is encrypted and stored in the local key database.
Not any browser match the requirements needed for private key generation purposes: we recommends using Mozilla Firefox or Internet Explorer 8+ on Windows and Safari on Mac for certificate enrollment as it is both easy to apply and convenient for the user. To apply for a Code signing certificate, visit the following URL.: https://domainregister.international/cart.php?gid=11
Browser support
Microsoft Internet Explorer: IE uses the CertEnroll/XEnroll ActiveX control to generate and install certificates through the browser.
Microsoft Edge: Neither the <keygen> nor the CertEnroll/XEnroll ActiveX controls are present in Microsoft's new Edge browser.
Mozilla Firefox: This browser supports key generation and certificate installation by default through the <keygen> function and special certificate file type handling.
Note: While Firefox supports in-browser certificate installation, it uses its own keystore to store the certificate and is not shared with other applications. Installing through Internet Explorer will install the certificate to the Windows Certificate Manager which is used by other applications such as Microsoft Office, Outlook, and Google Chrome. For this reason, Internet Explorer is recommended.
Google Chrome: As of Chrome 49, the <keygen> function has been disabled by default and digital certificate file types are downloaded instead of installed. While the keygen function can manually be enabled, the custom filetype handling is still removed, therefore installation through Google Chrome is not supported.
Chromium Based browsers: From Chromium Version 49, "Key Generation" feature is no longer supported. So, please DO NOT use any Chromium based browser for S/MIME certificate enrollment.
Some examples of Chromium Based browsers are, Google Chrome, Yandex Browser, Opera.
In case you mistakenly used a wrong browser to initially apply for the certificate, then you must ignore the current certificate and go with the re-issue option.