Blog post 22 Jul, 2019

The release of SignServer Enterprise 5.1.0

The release of SignServer Enterprise 5.1.0

The PrimeKey SignServer team is pleased to announce the release of SignServer Enterprise 5.1.0

PGP Signing Support

In addition to supporting all X.509 based signers, we have now added support for PGP/GPG signing of software release packages and repositories, or for general signing.

The new OpenPGP Signer can produce both detached and clear-text signatures. For step-by-step instructions on configuring and using this new signer, see Setting up OpenPGP Signer.

Additionally, SignClient now supports PGP signing in client-side hashing mode. For more information, see Client-Side Hashing

Debian Package Signing Support

While the added PGP signing support allows signing Debian software repositories, this new signer also lets you sign individual Debian packages. For more information, see the new Debian Dpkg-sig Signer.

We also added support to SignClient for signing this format in client-side hashing mode, see Client-Side Hashing.

Improved Client Certificate Authorization

Previously the client certificate authorization rules had to match on the certificate serial number causing a maintenance burden when renewing the certificates and all the rules had to be updated.

With this release we introduce the possibility of matching on other fields from the certificate, such as RDN:s from Subject DN like Common Name (CN), Organization Unit (OU), and User ID (UID), etc.

See Configure Client Certificate Authentication and Authorization for step-by-step instructions on how to start using this feature.

Upgrade Information

No database changes are required for this release.

Review the SignServer Upgrade Notes for important information about this release. For upgrade instructions, see Upgrade SignServer.

Change Log

For full details of fixed bugs and implemented features in SignServer 5.1.0, refer to our JIRA Issue Tracker.


As always, the new release can be found in the signserver_latest directory in your download area.

Best Regards,

Markus Kilås
Product Owner SignServer
on behalf of the PrimeKey SignServer Team