PKCS11 library
DigiCert® KeyLocker provides a PKCS11 library for developers to securely and quickly sign code.
The PKCS11 library handles secure key generation, application hash signing, and associated certificate-related requirements when the signing request does not require the transportation of files and intellectual property.
What signing tools can PKCS11 library integrate with?
The DigiCert® KeyLocker PKCS11 library integrates with the following non-Microsoft signing tools while maintaining key protection, permission-based access and reporting all signing activities:
Jarsigner (for Java)
OpenSSL
Jsign
Osslsigncode
What can the PKCS11 sign?
DigiCert® KeyLocker PKCS11 library enables secure hash-based signing of non-Microsoft:
Files
Firmware
Applications
Images
Software
Download PKCS11 library
Sign in to DigiCert® KeyLocker.
Navigate to: Manager menu (top-right) KeyLocker.
Select Resources > Client tool repository.
Click the download icon next to KeyLocker Clients.
Create PKCS11 configuration file
To create a configuration file with the path to this shared library:
Open an integrated development environment (IDE) or plain text editor.
Copy and paste the following text into the editor:
Save the file as pkcs11properties.cfg.
Move the pkcs11properties.cfg file to the same location as the PKCS11 library.