Tutorials and Guides
Get started with a quick start guide for trying out and evaluating SignServer and view guides on how to start using code signing.
Get started with SignServer
Get started with a quick start guide for trying out and evaluating SignServer.
→ Start SignServer Container with Client Certificate Authenticated Access
SignServer Container Signing with Cosign
Learn how to use SignServer together with Cosign to create signed container images.
→ SignServer Container Signing with Cosign
Code Signing How-to Guides
How-to guides on setting up SignServer for different code signing use cases.
Code Signing Technical How-to
This technical guide describes the code signing use case and how to start using code signing for signing of executable files, software releases, firmware or other custom formats.
→ Code Signing Technical How-to
Authenticode Code Signing Technical How-to
A brief guide for the use case SignServer Cloud and Authenticode signing, covering launching SignServer Cloud and trying out code signing using the Microsoft Authenticode digital signature format.
→ Authenticode Code Signing Technical How-to
Jenkins Integration for Automated Code Signing
A guide demonstrating an integration between SignServer and Jenkins for automated code signing in a CI/CD Pipeline. Includes using the SignServer JArchive CMS Signer for JAR signing and running a Jenkins Pipeline building and delivering the app, and using Client Certificate Authentication to authorize Jenkins to sign files in SignServer.
→ How To Integrate Jenkins with SignServer for Automated Code Signing
→ Video Tutorial - Automating Code Signing with Jenkins and SignServer
Post-Quantum Code Signing How-to
As the time to roll out new Post-Quantum Cryptography (PQC) algorithms gets closer, it is wise to establish a high level of crypto agility in your organization and to try out the new algorithms as final candidate implementations become available from the NIST Post-Quantum Cryptography competition.
This guide demonstrates code signing based on SignServer using the post-quantum SPHINCS+ algorithm through Bouncy Castle and allows you to try out creating post-quantum keys and signatures.
→ Post-Quantum Code Signing How-to