SignServer and Jenkins integration automates the code signing process within the CI/CD pipeline, eliminating the need for manual intervention.
Jenkins is an open-source platform automating various stages of the software development lifecycle, including building, testing, and deploying applications.
With the integration between Jenkins and SignServer, each code build and deployment through Jenkins can be automatically signed by SignServer.
Consider a typical Java project as an example. When there are code changes in the Git repository, the Jenkins Pipeline automatically initiates an integrated workflow. It starts by building and testing the project, then proceeds to digitally sign the resulting artifact using standard Java code .jar file signing.
In this example, the signing operation is done remotely by a SignServer instance that securely generates signatures and manages the code signing keys in an HSM. Using SignServer, signing keys aren't stored on laptops or anywhere else. In addition, SignServer makes sure every signing process generates audit logs, so you know what's going on.
The integration requires these servers to be available:
Network traffic between the instances must be allowed. Our example is running in AWS and the most straightforward way is to allow all local virtual private cloud (VPC) traffic to the nodes, see SignServer Cloud AWS Launch Guide.
Check out the supplementary documentation.
Get your hands on the SignServer Docker container by downloading it now from Docker Hub.
Join our discussions to ask questions and share ideas.