Binary signing using GitHub Actions
Suggerimento
As a DigiCert® KeyLocker user, you can enhance your code signing workflow using DigiCert® Software Trust Manager plugins.
Also known as Code signing with DigiCert Software Trust Manager, DigiCert Binary Signing is a GitHub Actions that enables teams to integrate code signing into their CI/CD workflows for multiple platforms using Software Trust.
This action automates the setup and invocation of the signing tool, manages certificates and key pairs, and enforces security best practices, such as multi-factor authentication and audit logging.
The action is especially valuable for organizations that need to ensure the integrity and authenticity of binaries, comply with signing-related security policies, and streamline high-volume release workflows.
Among other time-saving features, the action supports simple signing:
Simple signing allows you to sign without third-party signing tools (SignTool, Jarsigner, etc.) or intermediate libraries (smksp, smpkcs11, etc.).
To more about simple signing, see Sign binary commands.
To view the GitHub Marketplace entry and learn how to get started, see Code signing with DigiCert Software Trust Manager.