Code Signing with Software Trust Manager Jenkins plugin is a keypair-based signing workflow that improves software security and integrates with DevOps processes to sign binaries on Windows and Linux.
This action accelerates the installation and configuration of clients and various signing tools to help developers become signing-ready for Jenkins plugin workflows.
DigiCert® Software Trust Manager provides a solution to manage and automate your code signing workflows securely.
Software Trust Manager:
- Requires multi-factor authentication (MFA) for code signing.
- Prevents unauthorized access or misuse of keys and certificates.
- Enforces consistency and compliance of security policies.
- Guards against insertion of malware during software releases.
- Expedites remediation by giving you an audit history of all actions taken within your account.
You can use Software Trust Manager to securely:
- Generate and manage your credentials.
- Create, edit, import, export, or delete keypairs.
- Generate certificates using a keypair in your account.
- View your audit and signature logs.
- Create releases.
- Sign code.
Software Trust Manager is part of the DigiCert ONE platform, which also includes DigiCert® Trust Lifecycle Manager, DigiCert® Document Trust Manager, and DigiCert® IoT Trust Manager, enabling organizations to manage their diverse PKI workflows from a single pane of glass.
You require a DigiCert ONE account to access Software Trust Manager. If you do not currently have a DigiCert ONE account, you can request a 30-day free trial account from DigiCert Sales.
This is a list of popular use cases supported by this plugin. This is not a comprehensive list.
- KSP signing
- PKCS11 signing
This is a list of popular signing tools supported by Software Trust Manager. This is not a comprehensive list.
- SignTool
- NuGet
- jarsigner
- jSign
For comprehensive documentation, refer to: Jenkins plugin for keypair signing
To learn more about centralizing and automating your code signing workflows with Software Trust Manager, reach out to Sales/Enquiry or visit: http://www.digicert.com/signing/software-trust-manager.