Code Signing

For Trusted Software

Application software or scripts are digitally signed using codesigning. This confirms the identity of the software manufacturer and ensures that the software has not been altered or corrupted.

Current systems do not allow the installation of unsigned software, or a warning appears to prevent users from installing potential malware. The signature of software with the certificate of an official provider marks the software as trustworthy and with integrity. Anyone who does not sign his software is considered unprofessional.

Since February 1, 2017, the guidelines of the Certificate Authority Security Council Group (CASC) hhave been mandatory for code signature certificates for Microsoft platforms. According to these Minimum Requirements for Code Signing Certificates, private keys must be generated and protected by a FIPS 140-2 Level 2 or higher certified HSM. Either through appropriate hardware on site or through a cloud-based HSM service. In contrast to the commonly used USB crypto tokens, which are connected to a system via USB, Clouds HSM integrates seamlessly into the development environment via the network and thus increases the degree of automation in the code signature process. For the software to be recognized as trustworthy, it must be signed with an Extended Validation Certificate (EV Certificate) from a publicly recognized Certification Authority (CA). Additional certificate requirements must be observed for the signature of hardware drivers or Apple apps.

Clouds HSM generates and stores the keys and code signature certificates securely and in compliance with CASC guidelines. This applies to JAVA code, programs under Microsoft/Unix/Mac/Mobile, or Office Macros.

Back to previous page

Contact us

Contact us if you want to know more about our products and offering.
Write us a message or request a call now