Skip to main content

Team lead guide

The DigiCert​​®​​ Software Trust Manager Team Lead manages developers and engineering teams responsible for signing and releasing software.

A team is a group of users that have relevant resources mapped to them. Your account lead has assigned you as the lead for the team.

Tipp

For more information, refer to Teams.

To view your team:

  1. Sign in to DigiCert ONE.

  2. Navigate to the Manager menu icon (top-right) > Software Trust.

  3. Select Account > Teams.

You can assign the following resources to your team.

Keypair profile

Keypair profiles simplify keypair generation by preconfiguring values for all keypair options. If you do not see Keypair profiles in the left navigation menu, your account lead has not enabled keypair profiles.

For more detailed instructions, refer to Keypair profiles.

Certificate profile

Certificate profiles are set up by the account lead to simplify certificate generation by preconfiguring values for all certificate options.

For more detailed instructions, refer to Certificate profiles.

Certificates

A certificate is required to sign. You have permission generate certificates, you can generate public or private code signing certificates in Software Trust Manager.

For more detailed instructions, refer to Certificates.

Keypairs

A keypair is required to create a certificate and sign. You have permission create keypairs, review the two keypair types supported by Software Trust Manager.

For more detailed instructions, refer to standard keypair and GPG keys.

Releases

Releases protect keys by restricting their use to pre-approved dates and times. The pre-approved date and time selected for a release is referred to as a release window. Within a release window, organizations can control which keypairs can be used, who can use them, and the maximum number of signatures that can be used during the release.

For more detailed instructions, refer to Releases.

The team approval procedure is triggered when someone on your team requests to perform one of the actions below:

Tipp

Learn more about the approval procedure and how to change required approvals.

Software Trust Manager offers two types of threat detection. You can scan your software for malware, vulnerabilities, secrets, and more before releasing your software for consumption using our Dynamic Application Security Testing (DAST) service powered by ReversingLabs. You can also scan Developer ID-signed software for malicious components before distribution outside of the Mac App Store.

Tipp

If you do not see Threat detection in the left navigation menu, contact your account manager to add ReversingLabs integration to your service agreement. For more information about how to run a scan and interpret a scan report, refer to Threat detection.

Next steps

If you as the team lead also want to sign, follow the instructions in the Signer's guide to get ready to sign with your private key stored in Software Trust Manager.