Developer guide
The DigiCert® Software Trust Manager Developer is responsible for signing, managing assets related to signing, and releasing software.
A keypair is required to create a certificate and sign. You have permission create keypairs, review the two keypair types supported by Software Trust Manager:
A certificate is required to sign. You have permission generate certificates, you can generate public or private code signing certificates in Software Trust Manager.
To create a certificate:
Sign in to DigiCert ONE.
Navigate to the Manager menu icon (top right) > Software Trust.
Select Keypairs.
Hover over the keypair you want to use to create the certificate until the menu icon appears.
Select Generate certificate.
Sugerencia
For more detailed instructions, refer to Certificates.
You can review reports for threats detected in your software.
Sugerencia
If you do not see Threat detection in the left navigation menu, contact your account manager to add Threat detection to your service agreement.
Software Trust Manager offers the following types of threat detection:
Releases protect keys by restricting their use to pre-approved dates and times. The pre-approved date and time selected for a release is referred to as a release window. Within a release window, organizations can control which keypairs can be used, who can use them, and the maximum number of signatures that can be used during the release.
To create a software release:
Sign in to DigiCert ONE.
Navigate to the manager menu icon (top-right) > Software Trust.
Select Releases.
Select Create release.
Sugerencia
For more detailed instructions, refer to Releases.
Next steps
If you as the developer also want to sign, follow the instructions in the Signer's guide to get ready to sign with your private key stored in Software Trust Manager.