Skip to main content

Developer guide

The DigiCert​​®​​ Software Trust Manager Developer is responsible for signing, managing assets related to signing, and releasing software.

Create a keypair

A keypair is required to create a certificate and sign. You have permission create keypairs, review the two keypair types supported by Software Trust Manager:

Create a certificate

A certificate is required to sign. You have permission generate certificates, you can generate public or private code signing certificates in Software Trust Manager.

To create a certificate:

  1. Sign in to DigiCert ONE.

  2. Navigate to the Manager menu icon (top right) > Software Trust.

  3. Select Keypairs.

  4. Hover over the keypair you want to use to create the certificate until the menu icon appears.

  5. Select Generate certificate.

Tip

For more detailed instructions, refer to Certificates.

View threat detection scans

DigiCert​​®​​ Software Trust Manager offers two types of threat detection. You can scan your software for malware, vulnerabilities, secrets, and more before releasing your software for consumption using our Dynamic Application Security Testing (DAST) service powered by ReversingLabs. You can also scan Developer ID-signed software for malicious components before distribution outside of the Mac App Store.

Tip

If you do not see Threat detection in the left navigation menu, contact your account manager to add ReversingLabs integration to your service agreement. For more information about how to run a scan and interpret a scan report, refer to Threat dectection.

To view threat detection scan details:

  1. Sign in to DigiCert ONE.

  2. Navigate to: Manager menu icon (top right) > Software Trust.

  3. Select Threat detection.

  4. Select the scan alias to view more details.

  5. Review the following sections:

    1. Scan summaryThreat detection

    2. General informationThreat detection

    3. Deployment risksThreat detection

    4. Common vulnerabilities and exposuresThreat detection

Tip

For more information refer to Threat dectection.

Create a release (optional)

Releases protect keys by restricting their use to pre-approved dates and times. The pre-approved date and time selected for a release is referred to as a release window. Within a release window, organizations can control which keypairs can be used, who can use them, and the maximum number of signatures that can be used during the release.

To create a software release:

  1. Sign in to DigiCert ONE.

  2. Navigate to the manager menu icon (top-right) > Software Trust.

  3. Select Releases.

  4. Select Create release.

Tip

For more detailed instructions, refer to Releases.

Next steps

If you as the developer also want to sign, follow the instructions in the Signer's guide to get ready to sign with your private key stored in Software Trust Manager.

In this section: