Code signing helps protect the integrity and authenticity of software, containers, and other software packages when it is downloaded over insecure networks or stored and executed on untrusted media.
Challenge
As a software supplier or user, you can prevent supply chain attacks, malware, and unauthorized software tampering by only providing/allowing signed software, containers, and applications. In order to make this happen, IT and application teams must have easy access to code signing tools and keys during software development and maintenance. Meanwhile, security teams struggle to manage signing keys, who has access to them, and where they are kept. The signing keys can be found on workstations, repo readme files, and build servers.
Solution
SignServer is a high-performance, centrally managed signing key and workflow solution. You can keep signing keys in secure files (only recommended for testing and prototyping) or with on-premises or cloud-based Hardware Security Modules (HSM).
SignServer supports code and package signing formats for Microsoft, Java, and Android as well as more generic formats such as CMS and PKCS#1. A timestamping service is always included.
You can sign using APIs, command lines, or consoles without uploading or transferring big files. Automated workflows for continuous delivery, integrated with your DevOps and CI/CD pipelines.
Stay up-to-date on the latest SignServer news and updates through our news feed. From product releases to the newest tutorial videos and guides, our feed provides the latest information on all things related to SignServer. Don't miss out on our upcoming events, live or online, designed to provide valuable knowledge and hands-on experiences. Join our community and stay in the know with SignServer.
EJBCA is a robust, reliable open-source Certificate Authority software that can be tailored to meet your PKI requirements. Whether you're managing an internal PKI or setting up a PKI for your business application or product, EJBCA has the flexibility and scalability to support your needs.
Bouncy Castle is a popular and widely used cryptographic API that is FIPS-certified and open-source, making it easy for developers to seamlessly integrate cryptography, PKI and signing security into their Java and C# applications.
