Skip to main content

Team lead guide

The Team Lead manages developers and engineering teams responsible for signing and releasing software.

Manage your team

A team is a group of users that have relevant resources mapped to them.

Astuce

To learn more, see Teams.

View your team

  1. Sign in to DigiCert ONE.

  2. In the Managers (grid-blue.svg) menu, select Software Trust.

  3. In the Software Trust menu, go to Account > Teams.

  4. Review the list of teams.

Assign team resources

You can assign the following resources to your team:

Resource

Description

Keypair profiles

Keypair profiles simplify keypair generation by preconfiguring values for all keypair options.

To learn more, see Keypair profiles.

Certificate profiles

The account lead sets up certificate profiles to simplify certificate generation by preconfiguring values for all certificate options.

To learn more, see Certificate profiles.

Certificates

A certificate is required to sign. You can generate public or private code signing certificates

To learn more, see Certificates.

Keypairs

A keypair is required to create a certificate and sign.

To learn more, see standard keypair and GPG keys.

Releases

Releases protect keys by restricting their use to preapproved dates and times. The preapproved date and time selected for a release is referred to as a release window. Within a release window, organizations can control which keypairs can be used, who can use them, and the maximum number of signatures.

To learn more, see Releases.

Team approvals

The team approval procedure triggers when a team member requests one of the following actions:

Astuce

Learn more about the approval procedure and how to change required approvals.

Manage threat detection (optional)

Software Trust offers two types of threat detection:

  • Scan software for malware, vulnerabilities, secrets, and more before releasing your software for consumption using our Dynamic Application Security Testing (DAST) service powered by ReversingLabs.

  • Scan Developer ID-signed software for malicious components before distribution outside of the Mac App Store.

Astuce

If you don't see Threat detection in the left navigation menu, contact your account manager. To learn how to run a scan and interpret a scan report, see Threat detection.

Sign your software (optional)

As a team lead, if you want to sign, review the instructions in the Signer's guide.

Dans cette section​: