
Software Trust Manager requirements

To securely sign your software using DigiCert® KeyLocker, you will need to set up specific authentication factors, environment configurations, and client tools. These steps ensure that your private keys are securely managed while allowing you to execute trusted, compliant signatures across various environments. Follow these requirements to establish a seamless signing process.

API token

To create an API token, log in to DigiCert One with a non-system account and go to Account Manager > Access > API tokens > Create API token.

Note

The permissions associated with the API token and client authentication certificate are based upon your user role set in DigiCert® KeyLocker.

Create an API key

An API key is a unique identifier generated by the server to authenticate a user or calling program to an API.

Follow the procedure below based on your user classification:

Create a client authentication certificate

A client authentication certificate is an X.509 digital certificate with a unique password that is generated by the server to authenticate a user or calling program to an API.

Host environment

During environment variable setup, you are required to provide the DigiCert ONE host value.

Note

You can only connect to the host that was used to create your credentials.

Table 1. Host options

| Country | Host type | SM_HOST value |
|---|---|---|
| United States of America (USA) | Production | https://clientauth.one.digicert.com |
| Netherlands (NL) | Production | https://clientauth.one.nl.digicert.com |


Software Trust Manager tools

Client-side tools are available from the DigiCert® Software Trust Manager administration portal.

To download client tools:

  1. DigiCert® Software Trust Manager > Resources > Client tools

  2. Select the Manager menu (top-right) > DigiCert® KeyLocker.

  3. Navigate to: Resources > Client tool repository.

  4. Download the appropriate files, move them to the appropriate client computer, and extract (or install).

The following client tools are available:

Set PATH environment variables

Operating systems use the environment variable called PATH to determine where executable files are stored on your system. Use the PATH environment variable to store the file path to your signing tools to ensure that the CLI can reference these signing tools.

Note

Client tools must be available in the PATH variable for the environment to invoke the client control from CI/CD integration without specifying the path. For the examples given, it is assumed that the path to the client control tools has been set in the path.

Secure your credentials

Your DigiCert ONE host environment, API key, client authentication certificate, and password make up your environment variables and are required to access DigiCert® KeyLocker client tools. Use one of the methods provided below to securely store your credentials based on your operating system.
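
The following is an added example, not DigiCert's code and not one of the storage methods this page refers to: a POSIX shell preflight for a Linux or macOS build agent that confirms, before signing, that SM_HOST is one of the two hosts in the host table, the credentials are present, the certificate file is private to its owner, and the signing tool resolves through PATH. The credential variable names and the tool name passed to `preflight` are assumptions.

```shell
#!/bin/sh
# Added example: preflight check for a signing job's environment.
# SM_HOST and its two values come from the host table on this page. The
# credential variable names and the tool name given to preflight are
# assumptions; substitute the names your client tools actually read.
CRED_VARS="SM_API_KEY SM_CLIENT_CERT_FILE SM_CLIENT_CERT_PASSWORD"

# Pass only if SM_HOST is exactly one of the documented production hosts.
check_host() {
    case "${SM_HOST:-}" in
        https://clientauth.one.digicert.com|https://clientauth.one.nl.digicert.com) return 0 ;;
    esac
    echo "SM_HOST is unset or is not a documented host" >&2
    return 1
}

# Pass only if every credential variable is non-empty. Names are reported,
# values are never printed, so nothing secret reaches the build log.
check_credentials() {
    missing=0
    for name in $CRED_VARS; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || { echo "credential variable not set: $name" >&2; missing=1; }
    done
    unset value
    return "$missing"
}

# Pass only if the certificate file exists and its mode grants nothing to
# group or others (characters 5-10 of the ls mode string).
check_cert_file() {
    [ -f "${SM_CLIENT_CERT_FILE:-}" ] || { echo "certificate file not found" >&2; return 1; }
    mode=$(ls -Lld -- "$SM_CLIENT_CERT_FILE" | cut -c5-10)
    [ "$mode" = "------" ] || { echo "certificate file is accessible beyond its owner" >&2; return 1; }
}

# Pass only if the signing tool resolves through PATH without a full path.
check_tool() {
    command -v "$1" >/dev/null 2>&1 || { echo "not found on PATH: $1" >&2; return 1; }
}

# Run every check so one report lists all problems; fail if any failed.
preflight() {
    failed=0
    check_host || failed=1
    check_credentials || failed=1
    check_cert_file || failed=1
    check_tool "$1" || failed=1
    return "$failed"
}
```

In a CI step, source the file and call `preflight <tool-name> || exit 1` before the first signing command, so a wrong host or an exposed certificate file stops the job early.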