Supports the platforms and tools you use
Give development teams access to sign
code…while keeping your keys secure
DigiCert Software Trust Manager allows developers to sign code when and where they need to, without needing a copy of the signing private key. Your private keys will stay securely stored on secure hardware, while developers use the platform to remotely (and securely) submit signing requests.
David NalleyVice President, Infrastructure
“We have 6,000-plus developers on six continents. Trying to secure all the keys that they need (for code signing) would be a nightmare. With DigiCert Secure Software Manager, the keys remain in the cloud, and access is provided to sign with them, but not to get the actual keys themselves. That is a huge win for us.”
Simplify Your Code Signing Process
DigiCert Software Trust Manager makes code signing secure by protecting your private keys from theft or unauthorized use, but it also makes it much easier for your entire team. No more shipping USB tokens with certificates or trying to remember which machine is storing the private key. DigiCert Software Trust Manager makes signing software as easy as sending an email—just login and click “Sign”.
Each of your private keys is automatically protected on a hardware security module—so they can’t be stolen or accidentally uploaded to a GitHub repo.
Maintain full control over who can sign code, and when by delegating privileges to authorized developers during scheduled release windows.
You’ll know every piece of code that’s been signed with your keys (and who signed it), thanks to detailed, permanent signing logs.
You don’t need to change what you’re already doing. Integrate code signing into your Cl/CD and DevOps flows using APIs and/or integrations.