1. Home
  2. /
  3. Use cases
  4. /
  5. Signing for your DevOps Workloads

Signing for your DevOps Workloads

Explore SignServer for code signing, including integration with CoSign for container signing, connections to your DevOps tools such as GitHub Actions and Jenkins, as well as providing code signing for all your software projects.

hero-sub-2-white

Challenge

Signing code and containers to secure your software supply chain

Implementing robust code and container signing processes in the CI/CD pipeline poses challenges for DevOps engineers and security experts. Secure key management, automated signing workflows, scalable performance, and compliance adherence are crucial but complex requirements that need careful consideration and implementation.

arrow

Solution

Simplify signing processes with SignServer

SignServer securely stores and generates signing keys in a secure file (recommended only for testing and prototyping) or a Hardware Security Module (HSM, for production environments). It seamlessly integrates into DevOps workflows through its APIs and effectively handles large signing operations, including one-time signing keys. 

Discover SignServer's capabilities for DevOps Signing, including 

  • SigStore CoSign integration for Container signing
  • GitHub Action integration 
  • Software supply chain attestation signing with Chainloop, SignServer and EJBCA
  • Jenkins integration, and
  • Code signing. 

Explore SignServer to sign containers, code, and workloads, and seamlessly integrate it with your DevOps CI/CD pipeline tool.

Tutorials

SignServer logo thumbnail
DevOps
2024-11-19

Software Supply Chain security with Chainloop

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
Chainloop
SignServer logo thumbnail
Code signing
DevOps
2024-10-29

Sign Code with GitHub Actions and SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
GitHub Actions
SignServer logo thumbnail
Code signing
DevOps
Get started
2023-09-27

Create OpenPGP signatures with SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
OpenPGP
SignServer logo thumbnail
Code signing
Post-quantum
2023-07-04

ML-DSA (Dilithium) Signing Certificate and Signing in SignServer

Set up your first quantum-ready PKI. Create your ML-DSA (Dilithium) Root CAs, Issuing CAs, and end entities for code signing. Then sign data in SignServer. The ML-DSA (Dilithium) algorithm offers strong security and efficiency by l...
ML-DSA
SignServer logo thumbnail
DevOps
2023-06-08

Sign container images with Cosign and SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
COSIGN
SignServer logo thumbnail
DevOps
2023-06-07

Connect a Jenkins CI pipeline to SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
jenkins
SignServer logo thumbnail
Code signing
2023-06-06

Flexible Code Signing: Try Multiple Formats with SignServer

{At sit et cras neque etiam cursus vulputate tempor enim. Quisque suspendisse nunc massa eleifend est ultrices. Facilisi ut a augue pellentesque quam nibh. Sit nisl.|=##=|162821}
Signserver

Get inspired

Stay up-to-date on the latest SignServer news and updates through our news feed. From product releases to the newest tutorial videos and guides, our feed provides the latest information on all things related to SignServer. Don't miss out on our upcoming events, live or online, designed to provide valuable knowledge and hands-on experiences. Join our community and stay in the know with SignServer.

Keyfactor Release
Release
19 December, 2024

EJBCA 9.0 – Upgraded Technology Stack

EJBCA Community 9.0 is here, introducing support for an upgraded technology s...
PKI hierarchies - 1, 2, 3 tiers ?
Industrial Cybersecurity & IoT
Tech Update
Ejbca
Signserver
12 December, 2024

#KEYMASTER: PKI Themes across the IoT Frontier – From Centralized Trust to Interoperability and Code Signing

IoT ecosystems are heavily segmented across industries, with each sector, lik...
Keyfactor Release
Implementing Cryptography
Post-Quantum Cryptography
Release
Ejbca
Signserver
4 December, 2024

NIST PQC Support and more – Bouncy Castle C# .NET 2.5.0

New release: Bouncy Castle C# .NET 2.5.0

Related open-source projects