CODE SIGNING
SIMPLE & SECURE

Your certificate is your signature. It provides your users with trust.
Ensure that only your code is signed with your certificate.

TAKE CONTROL OVER YOUR CODE SIGNING PROCESS

Code signing is used to indicate and verify the publisher of software programs and make sure the software has not been modified after publishing.
SignPath-signing

Define what will be signed

By specifying your software artifacts, you ensure that only intended code will be signed with your key.

  • Define structure and content of your packages
  • One-stop signing of nested packages: installers, ZIP archives, executables and libraries, extensions and add-ins

SignPath-user

Define who can publish new releases

When a new version of an artifact is built, it is submitted to the signing process and approved.

  • Manage users and permissions
  • Define who can submit a release
  • Define who must approve a release before signing
  • Full auditing of activities and artifacts

SignPath-integration

Integrate with your development process

Seamless integration with your build and release processes.

  • Submit code manually or use continuous integration
  • Define separate rules and certificates for internal and release builds
  • Use notifications and REST APIs

TRY IT NOW - We will guide you through

You don‘t have to become an expert for certificates, cyphers, key-strength, PKI, CRLs, timestamps or anything else that happens under the hood. But we do tell you about it and help you understand the consequences. There are some important choices that you need to make along the way, and we will guide you through them.

BENEFIT FROM BUILT-IN FEATURES

The signing process is performed in a secure and correct way
SignPath-safety

Your private keys are kept secure

Rest assured that your private keys can never be compromised.

  • Create, manage and renew code signing certificates
  • Private keys are automatically generated and stored in a FIPS-certified Hardware Security Module (HSM)
  • HSM and servers are located in physically secured data centers
  • No need to hassle with USB tokens or rely on unsafe certificate storage

methods

Choose from many signing methods

These signing methods are currently supported:

  • Authenticode: installers and executable code
  • ClickOnce manifests: Smart Clients, Microsoft Office Add-ins
  • Open Packaging Convention: Visual Studio extensions
  • Timestamps
  • Cryptographically secure SHA-2 signatures