DigiCert Software Trust Manager

Cloud-based code signing key management and storage.

TALK TO AN EXPERT
Software Trust Manager dashboard

What is Software Trust Manager?

Managing code signing certificates, private key security, user access, and software signing logs can be challenging—especially if your dev team is large or spread across several locations.

DigiCert Software Trust Manager is an all-in-one platform that improves code signing security, simplifies the process, and seamlessly integrates into your existing DevOps tools.

Get the DigiCert Software Trust Manager datasheet .

Software Trust Manager Key Benefits

  • Sign Remotely. Sign files using your favorite signing tool (e.g. SignTool JarSigner, etc.), use DigiCert’s Click-To-Sign utility, or integrate using the API or pre-built DevOps integrations.
  • Secure Private Keys. Your private keys are securely stored on hardware security modules (HSMs), preventing theft or accidental disclosure (such as via GitHub upload).
  • Track Activity. A detailed signing log shows you every file that has been signed with your keys, including when it was signed and who signed it.
  • Define Granular Policies. Get centralized control over security policies, granular account management, and role-based access control.
  • Detect Threats. Analyze software files for malware and vulnerabilities, signing only after the file has passed all analysis and checks.

Software Trust Manager Key Features

  • Centralize Control.
    • Set fine-grained key usage and access controls
    • Key usage models: static, dynamic, rotating
    • Key profiles: open/restricted
    • Algorithms: RSA, ECC, EC-DSA, Edwards, RSA-PSS (for device)
  • Enforce Policy.
    • Standardize and centralize management
    • Track signing activities, aiding audit and remediation
    • Predefined and automated workflows
    • Reporting & analytics
  • Reduce Risk.
    • Protect keys from security breach and theft
    • HSM-based key management and storage (on-premises or cloud)
    • Mitigate malware and compromised code with integrated application security testing (DAST)
    • Git commit signing, to protect source code integrity

65% of companies are affected by software supply chain attacks.

Sign Faster with Ease on Multiple Platforms

Easily secure your code with wide range of of signing and management options.

  • Automate and integrate code signing with your CI/CD processes
  • Reduce latency and upload times by leveraging hash signing
  • Eliminate the need for your own on-premises Hardware Security Module (HSM)
  • Explore more choices available for both dedicated and shared private roots

Achieving end-to-end key management encryption is a breeze, thanks to robust, fine-grained controls over certificates and key pairs. This enables you to effortlessly suspend, revoke, or backdate them, minimizing any potential disruptions to your delivery process. Additionally, DigiCert's Secure Software Manager platform extends support to all keys from any provider. You can import, export, and test-sign any certificate conveniently from a centralized interface.

DigiCert Secure Software Manager works with a variety of file types, including

  • OpenSSL
  • JAVA
  • Authenticode
  • Android
  • GPG
  • Debian
  • Docker
  • Nuget
  • ClickOnce

Integration with Enterprise Systems

CSPs on CI/CD Platforms Client-side Libraries Operating Systems & Platforms Application Testing Market Place Plug-in HSMs & DPOD
  • Apache ANT
  • Apache Maven
  • Azure DevOps
  • Gradle Jenkins
  • PKCS11
  • Microsoft KSP
    • Authenticode
    • Mage
    • Nuget
    • ClickOnce
  • Apple CryptoTokenKit
  • Android
  • Debian
  • Docker Notary GPG
  • OpenSSL
  • RPM
  • Java
  • Linux
  • XML
ReversingLabs GitHub Thales

Talk to an expert to learn how GeoCerts Solutions can help you deliver Digital Trust

By providing my details and selecting the submit option, I consent to receive communications from GeoCerts about its products and services. Additionally, I acknowledge and agree to GeoCerts and its affiliates processing my data under GeoCert's Privacy Policy.