Authenticode Code Signing Technical How-to

Introduction

Harmful code is today a real threat to users and organizations alike, as criminal groups and even governments use malicious software to steal and monitor data, extort money or empty your bank account.

To digitally sign executable files such as applications, libraries and drivers is an important part of security whenever software is being distributed over insecure networks (internal or the Internet) or stored on untrusted media. Digitally signed code ensures that the software running on computers and devices is trusted and unmodified.

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed. The most common use of code signing is to provide security when deploying software, for example installing and updating applications on your computer. The digital signature on the software is used to verify the identity of the author of the software and that the software has not been modified.

SignServer Cloud Authenticode Code Signing

PrimeKey SignServer Enterprise is a server-side signing solution that enables you to centralize all your cryptographic signing operations and with that increase control, auditability and implement more cost-efficient administration.

This Technical How-to covers launching SignServer Cloud and trying out code signing using the Microsoft Authenticode digital signature format.

For more information on all the various code signing capabilities of SignServer, refer to the Code Signing Technical How-to.