Tutorials and Guides

Get started with guides and tutorials for trying out and evaluating SignServer and view guides on how to start using code signing.

Get started with SignServer

Get started with a tutorial for trying out and evaluating SignServer.

→ Start SignServer Container with Client Certificate Authenticated Access

Get started with SignServer using Helm

Learn how to deploy SignServer in Kubernetes using our open-source Helm chart.

→ Tutorial - Deploy SignServer using a Helm chart

Try out post-quantum signing

Try out post-quantum signing to experiment and prepare for the transition to quantum-safe algorithms.

Learn how to set up your first post-quantum PKI with EJBCA and sign data using SignServer with the NIST candidate algorithm Dilithium.

→ Tutorial - Create a Post-Quantum PKI using EJBCA

→ Tutorial - SignServer Post-Quantum signing

Get started with container signing

Learn how to use SignServer together with Cosign to create signed container images.

→ SignServer Container Signing with Cosign

Code Signing How-to Guides

How-to guides on setting up SignServer for different code signing use cases.

Code Signing Technical How-to

This technical guide describes the code signing use case and how to start using code signing for signing of executable files, software releases, firmware or other custom formats.

→ Code Signing Technical How-to

Post-Quantum Code Signing How-to

As the time to roll out new Post-Quantum Cryptography (PQC) algorithms gets closer, it is wise to establish a high level of crypto agility in your organization and to try out the new algorithms as final candidate implementations become available from the NIST Post-Quantum Cryptography competition.

This guide demonstrates code signing based on SignServer using the post-quantum SPHINCS+ algorithm through Bouncy Castle and allows you to try out creating post-quantum keys and signatures.

→ Post-Quantum Code Signing How-to

Authenticode Code Signing Technical How-to

A brief guide for the use case SignServer Cloud and Authenticode signing, covering launching SignServer Cloud and trying out code signing using the Microsoft Authenticode digital signature format.

→ Authenticode Code Signing Technical How-to

Jenkins Integration for Automated Code Signing

A guide demonstrating an integration between SignServer and Jenkins for automated code signing in a CI/CD Pipeline. Includes using the SignServer JArchive CMS Signer for JAR signing and running a Jenkins Pipeline building and delivering the app, and using Client Certificate Authentication to authorize Jenkins to sign files in SignServer.

→ How To Integrate Jenkins with SignServer for Automated Code Signing