1. Home
  2. /
  3. Use cases
  4. /
  5. Code Signing (JAR, CMS, openPGP, Debian, Plain)

Code Signing (JAR, CMS, openPGP, Debian, Plain)

Code signing helps protect the integrity and authenticity of software, containers, and other software packages when it is downloaded over insecure networks or stored and executed on untrusted media.

hero-sub-2-white

Challenge

Managing access and storage of signing keys can be a struggle

As a software supplier or user, you can prevent supply chain attacks, malware, and unauthorized software tampering by only providing/allowing signed software, containers, and applications. In order to make this happen, IT and application teams must have easy access to code signing tools and keys during software development and maintenance. Meanwhile, security teams struggle to manage signing keys, who has access to them, and where they are kept. The signing keys can be found on workstations, repo readme files, and build servers.

arrow

Solution

Sign code och software securely from one flexible platform

SignServer is a high-performance, centrally managed signing key and workflow solution.  You can keep signing keys in secure files (only recommended for testing and prototyping) or with on-premises or cloud-based Hardware Security Modules (HSM).

SignServer supports code and package signing formats for Microsoft, Java, and Android as well as more generic formats such as CMS and PKCS#1. A timestamping service is always included. 

You can sign using APIs, command lines, or consoles without uploading or transferring big files. Automated workflows for continuous delivery, integrated with your DevOps and CI/CD pipelines.

Tutorials

SignServer logo thumbnail
Code signing
DevOps
Get started
2023-09-27

Create OpenPGP signatures with SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
OpenPGP
SignServer logo thumbnail
Code signing
Post-quantum
2023-07-04

ML-DSA (Dilithium) Signing Certificate and Signing in SignServer

Set up your first quantum-ready PKI. Create your ML-DSA (Dilithium) Root CAs, Issuing CAs, and end entities for code signing. Then sign data in SignServer. The ML-DSA (Dilithium) algorithm offers strong security and efficiency by l...
ML-DSA
SignServer logo thumbnail
DevOps
2023-06-08

Sign container images with Cosign and SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
COSIGN
SignServer logo thumbnail
DevOps
2023-06-07

Connect a Jenkins CI pipeline to SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
jenkins
SignServer logo thumbnail
Code signing
2023-06-06

Flexible Code Signing: Try Multiple Formats with SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
Signserver
SignServer logo thumbnail
Secure boot OTA
2023-06-05

Set up your ESP32 board with secure updates

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
Espressif

Get inspired

Stay up-to-date on the latest SignServer news and updates through our news feed. From product releases to the newest tutorial videos and guides, our feed provides the latest information on all things related to SignServer. Don't miss out on our upcoming events, live or online, designed to provide valuable knowledge and hands-on experiences. Join our community and stay in the know with SignServer.

Streamlining-PKI-Management-and-TLS-Certificate-Issuance-2400×1260-1-980×546
DevOps
Installation & Deployment
Blog
Ejbca
26 January, 2024

New EJBCA article on the Docker blog

The EJBCA Community Edition (CE) has been available on Docker Hub for approxi...
Streamlining-PKI-Management-and-TLS-Certificate-Issuance-2400×1260-1-980×546
DevOps
Installation & Deployment
Blog
Ejbca
26 January, 2024

New EJBCA article on the Docker blog

The EJBCA Community Edition (CE) has been available on Docker Hub for approxi...
Keyfactor Release
Implementing Cryptography
Post-Quantum Cryptography
Release
Ejbca
23 January, 2024

Bouncy Castle Java LTS unleashes accelerated hardware power on Intel and ARM architectures in latest release

We are proud to announce a new release of our Bouncy Castle Long Term Stable...

Related open-source projects