1. Home
  2. /
  3. Resources
  4. /
  5. SignServer Enterprise supports OpenPGP and Debian package signing

SignServer Enterprise supports OpenPGP and Debian package signing

hero-sub-3
EJBCA Signserver

2020-01-15

SignServer Enterprise has expanded its code signing capabilities and added support for OpenPGP signing and Debian package signing

If you’re not familiar with code signing, it is the process of digitally signing code, executables, scripts, and software update packages to confirm the creator of the code and to be able to validate that the code has not been manipulated or unintentionally corrupted since it was signed. PrimeKey SignServer is a server-side code signing software that supports multiple code signing formats. Open PGP and Debian package signing are two of the latest additions.

OpenPGP signing

OpenPGP is commonly used for Open Source software projects and also for packaging software for Linux environments in general. The SignServer OpenPGP signer can sign arbitrary data and produce an OpenPGP (RFC 4880) detached signature in binary or ASCII form, or a cleartext signature.

Debian package signing

In addition to OpenPGP signing, Debian package signing support has been added. Debian is a popular and freely-available operating system. A wide range of organizations use the Debian operating system and the system is also known for being an effective packaging system. SignServer has now extended its code signing capabilities to support signing of Debian packages using the dpkg-sig format and OpenPGP. The key management operations are the same as the generic OpenPGP Signer in SignServer Enterprise.

SignServer configuration and operation

Configuring your Debian package signer or OpenPGP signer in SignServer is easy and your applications can access the Debian or OpenPGP signer via an integration directly to the web services web interface, or via the SignServer SignClient. The signing functionality is also available to users via a user-friendly web interface. Users and applications are always authenticated, and all logfiles are signed to ensure proper audit and logging functionality.

Neither the Debian package signing nor the OpenPGP signing format uses X.509 certificates. For SignServer, the Debian and OpenPGP signing operations are, however, handled as any other code signing operation and we recommend using a Hardware Security Module (HSM) to store the private key and execute the signing operation.

For more information:
EJBCA.org

SignServer Documentation

Related resources

EJBCA inläggsbild
DevOps
Implementing Cryptography
Industrial Cybersecurity & IoT
Installation & Deployment
Post-Quantum Cryptography
Signing
Tech Update
Ejbca
16 November, 2023

Learn how to upgrade your EJBCA Docker container to the latest version

Check out our brand-new Tutorial page and video designed to make upgrading yo...
Read more
EJBCA Signserver
DevOps
Installation & Deployment
Signing
Tech Update
Signserver
5 October, 2023

Helm chart for SignServer deployment in Kubernetes

Deploying SignServer as a Helm chart is the easiest way to get started with o...
Read more

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey Solutions AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.
Close