The PrimeKey SignServer team is pleased to announce the release of SignServer 5.6.0.

With this release, we are introducing support for request prioritization, allowing incoming signing requests to be assigned different priority levels based on configuration. This release also brings support for Authenticode resigning, enabling signing of Microsoft Authenticode signed PE and MSI files with an additional signature.

Deployment options include SignServer Hardware Appliance and SignServer Cloud.

Highlights

Request Prioritization

By setting up priority levels for different signing request types, you can now ensure that the available SignServer system capacity is assigned to incoming signing requests based on your defined priority levels.

The new SignServer Request Prioritization feature ensures that response times for high-priority requests can be optimized while lower priority requests may get queued. Priority levels are configured as part of the worker configuration. For more information, see Setting up Request Prioritization.

Authenticode Resigning

SignServer 5.6.0 introduces support for signing Microsoft Authenticode signed PE and MSI files with an additional signature. By signing application files with multiple signatures, the files can be made compatible with the signing schemes of both legacy and modern Microsoft platforms.

For information on configuring and signing using the SignServer MS Authenticode signer, see Authenticode Code Signing.

Upgrade Information

Review the SignServer Upgrade Notes for important information about this release. For upgrade instructions, see Upgrade SignServer.

SignServer 5.6.0 is included in SignServer Hardware Appliance 3.5.8 and SignServer Cloud 1.8.

Change Log: Resolved Issues

For full details of fixed bugs and implemented features in SignServer 5.6.0, refer to our JIRA Issue Tracker.

Issues Resolved in 5.6.0

Released February 2021

New Features

DSS-934 - Add support in MSAuthCodeSigner for signing already signed PE files

DSS-1834 - Add support in MSAuthCodeSigner for signing already signed MSI files

DSS-2264 - Request Prioritization

Improvements

DSS-2120 - Add "Reload from database" button for authorizations

DSS-2259 - Improve flexibility for PDF signer CryptoToken access

DSS-2263 - Increase performance for key generation when P11NG is used

Tasks

DSS-2208 - Creation of new Web Filter : Implementation based on Jetty QoSFilter

DSS-2209 - Add global configuration for web filter

DSS-2210 - Use correct priority based on config and worker

DSS-2211 - Create a SleepWorker (for testing)

DSS-2214 - SignClient to use new URLs: Allow to use /worker/WORKERNAME

DSS-2238 - Filter SOAP Web Services

DSS-2256 - Update copyright year for 2021

Bug Fixes

DSS-2223 - Producer field corrupted in signed PDF

DSS-2224Stresstest tool lockups at exit with QoS Filter

DSS-2226 - Some tests in SignClientP11AuthTest fails with QoSFilter enabled

DSS-2229 - NPE if V1_SIGNATURE_NAME not specified and certificate is not in token