Code signing ensures trusted software
Digitally signed executable files such as applications, libraries and drivers help ensure that your software stays trusted and unmodified, even when it is distributed over insecure networks or stored on untrusted media.
Code signing solution
Digital certificates and signatures enable secure communication and updates throughout the product lifecycle, so that generated data can be trusted and software updates are reliable.
Centralize and take control
Security policies can be harmonized when all your organization's code signing needs can be operated from one single platform.
Protect signing keys
Using code signing software with the code signing keys protected by a Hardware Security Module (HSM) helps mitigate the risks of keys being stolen or used illegitimately.
Built into your environment
Smooth and automated workflows, for continuous delivery, with integrations to your DevOps and CI/CD pipeline tools.
What are the challenges when deploying a code signing service?
Secure software
Software distributions must be secured to prevent theft or damaged reputation, and without the need for in-house cryptographic expertise.
Streamline code signing
Code signing services must be available independently of the number of products, developers and geographical sites, and not require extensive maintenance.
Smooth workflows
Code signing must easily integrate into development processes, be compliant and support automation - to minimize human errors.
Benefits of PrimeKey's code signing solution
With a centralized signing tool the code signing capabilities are easily controlled from a single location, and the risk of code signing keys being lost or stolen is significantly decreased. The cost of keeping signing keys under control is reduced.
Harmonized signing processes
A centralized signing software helps align processes, enforce policies and control the code signing from a single location. This mitigates the risk of code signing keys being lost or stolen and lowers the cost of keeping signing keys under control.
Many supported formats
SignServer supports code and package signing formats for Microsoft, Java, and Android as well as more generic formats such as CMS and PKCS#1. New code signing formats can be implemented using various signers and custom plug-ins, which make them easy to add and maintain. See all supported formats in the documentation.
Security by design
SignServer provides a centrally managed and audited code signing solution that allows you to keep code signing keys protected in an HSM. Only users or systems that are granted authorization can access the system. Signed audit records are provided, to prove who signed what.
Versatile signing platform
The code signing solution is easily combined with other signing use cases in the versatile SignServer platform. A timestamping service is always included.
Automatic certificate renewal service is offered via integration with EJBCA Enterprise. SignServer also supports automated code signing in a CI/CD pipeline, for example via integration to Jenkins.
Related resources
Cybersecurity – An enabler for critical infrastructure
Webinar: 5G, edge & security for the connected factory
PKI as DevOps or PKI for DevOps
Products for code signing
SignServer Enterprise
Server-side, PKI-based, multipurpose digital signature solution
SignServer Cloud
Multipurpose digital signature solution on AWS and Azure cloud
SignServer Hardware Appliance
Turn-key digital signature hardware and software solution with integrated HSM
More information
See the links for more information:
Contact us
Fill in your contact information below and we will get in touch with you.