Software Trust Manager
2023 releases
December 19, 2023
DigiCert® ONE version: 1.6573.3 | Software Trust Manager: 1.700.0
New
Threat Detection Video
Software Trust Manager will make video content about Threat Detection available in our UI so customers can learn more about the benefits of using Threat Detection to secure software supply chains.
Enhancements
Display signature count for download archive logs
We have corrected the signature count related to archive logs to align with total signatures for the account. Previously, filters applied in the UI impacted the signature count value. Going forward, this will no longer be the case.
December 13, 2023
DigiCert® ONE version: 1.6573.2 | Software Trust Manager: 1.698.0
New
Threat Detection Advice
Software Trust Manager will now make our content regarding the benefits of undertaking Threat Detection on software available to all customers ahead of signing with this release.
If you are not presently licensing the Threat Detection feature, you will be given access to a tab where we explain the benefits of this feature. If you want to learn more or sign up for a free trial, you can express your interest. To learn more about this feature, see Threat detection.
Enhancements
Signature Log performance optimization
In this release, we optimized the signature log user interface (UI) pages, resulting in a much-improved load time for signature logs in the Software Trust Manager UI.
The load time of recent logs has been an issue for those with large log volumes. These larger volumes caused the request to the service to time out; this has been optimized in this release and will no longer happen. Further changes are planned to optimize other parts of the signature logs workflow, which will go live in future releases to continue improving this experience.
November 29, 2023
DigiCert® ONE version: 1.6392.5 | Software Trust Manager: 1.694.0
New
Enhanced options for keypair generation and storage
DigiCert® CA Manager now offers you the ability to generate and store your private keys for code signing certificates in DigiCert's shared key storage services, as well as in your dedicated key storage services that are integrated with your Software Trust Manager account. In CA Manager, you can enable multiple active key storage services, such as DigiCert's hosted HSMs and your cloud-based HSM service "Data Protection on Demand" (DPoD) from Thales. Software Trust Manager has enhanced the keypair generation workflow to enable you to choose where to generate new keys based on your use case in Software Trust Manager and in SMCTL, our command-line interface. You can access and sign with your keys regardless of whether your keys are stored in DigiCert's shared key storage services or in your dedicated key storage services, or HSMs.
Enhancements
Project error messages
We have improved our error messages for the Software Trust Manager Projects feature. Previously, these error messages referenced resource IDs. We will now display resource aliases instead so that the resource is more easily identified by our users.
Release error messages
We have improved our error messages for the Software Trust Manager Release feature. Previously, these error messages referenced keypair IDs. We will now display keypair aliases instead so that the keypair is more easily identified by our users.
Fixes
Contract term bug in Dashboard
We identified an issue with the end date shown in the contract term drop-down menu in the Software Trust Manager Dashboard. The end date displayed was always the original end date of the contract term, and did not account for contract terms that were extended before the contract expired. The end dates for contract terms now take contract extensions into account and display correctly.
November 15, 2023
DigiCert® ONE version: 1.6392.4 | Software Trust Manager: 1.688.0
Enhancements
Exploitability of CVEs
We have added an Exploitability field to the FOSSA threat detection scan details page. The Exploitability field provides information about the likelihood that a given vulnerability will be exploited. This field helps users, administrators, and security professionals assess the urgency and priority of addressing Common Vulnerabilities and Exposures (CVE).
Fixes
Release compatibility
On November 2, 2023, we enhanced the release workflow. This change caused backward compatibility issues with older versions of Signing Manager Controller (SMCTL). We have fixed the backward compatibility issue in this release. Older versions of SMCTL now work with the new release workflow enhancements.
November 8, 2023
DigiCert® ONE version: 1.6392.3 | Software Trust Manager: 1.687.0
Enhancements
Download FOSSA reports
We enhanced our threat detection integration with FOSSA. This enhancement allows you to download licensing, SBOM, and vulnerability reports after completing a threat detection scan with FOSSA. In addition, you can customize the report format and metadata included in the report.
Fixes
Failure to delete threat detection scans
When attempting to delete a threat detection scan, the following error messages were returned: "Scan not found for given identifier ID - <Scan ID>." and "Translation is missing". We have resolved this issue and you should now be able to successfully delete scans in Software Trust Manager.
November 2, 2023
DigiCert® ONE version: 1.6392.2 | Software Trust Manager: 1.682.0
Enhancements
Scan then sign
Our new release feature allows you to set the purpose of your release. You can continue to use releases just to sign, use our new workflow to perform threat detection scans with releases, or scan your software and, if no threats are detected, allow your software to be signed as part of the release. You can set your preference in account settings.
Deployment risk levels
Our threat detection feature integrates with ReversingLabs to identify CVEs and deployment risks in your software. Initially, all P0 deployment risk scans would fail, but we've introduced a new enhancement that empowers you to select the P0 level in account settings which determines when the scan should fail. This way, you can focus on the highest deployment risks, enabling you to progressively refine your software while avoiding an overwhelming number of results with varying criticalities.
Threat detection scan version
We have added a Version column to the list of threat detection scans in Software Trust Manager, to make it easier for you to identify which version of the software was scanned.
Fixes
Rename DAST to SBA
ReversingLabs scans were initially listed in the Software Trust Manager Scan type field as DAST (Dynamic Application Security Testing). After a thorough investigation, we have renamed this scan type to SBA (Static Binary Analysis). SBA, also known as binary analysis or binary code analysis, more clearly describes that this scan type concentrates on analyzing the compiled binary code of an application or system without executing it. It aims to uncover vulnerabilities in the code itself, rather than its runtime behavior.
Licensing calculations clarification
We corrected the calculation in the Software Trust Manager dashboard for Production signature units and HSM keypair units. Initially, this calculation was based on the contract term selected within the dashboard. This has been corrected to show that the signature units calculation is based on the contract term you have selected, whereas the HSM keypair units calculation is based on your account lifespan because these units do not expire.
Test keypair generation
We identified a bug in the test keypair generation workflow. When creating a test keypair, the workflow allowed users to select online or offline as a keypair status. We have corrected this workflow to restrict test keypairs to an online status only.
November 1, 2023
New
Two-factor authentication (2FA) requirement
Starting November 1, 2023, at 18:00 MDT (November 2, 2023, at 00:00 UTC), we will require all DigiCert ONE accounts to use two-factor authentication (2FA).
You will use both your credentials and a one-time password to access your account. When you log in to your DigiCert ONE account on November 1, you will be prompted to set up two-factor authentication. If you have already enabled two-factor authentication in Account Manager before this date, no further action is necessary.
How to enable two-factor authentication in Account Manager.
Note
If you use single sign-on (SSO) to access your DigiCert ONE account, the new two-factor authentication requirement does not affect you. However, the requirement will activate if you modify your SSO settings.
October 25, 2023
DigiCert® ONE version: 1.6201.5 | Software Trust Manager: 1.675.0
Enhancements
Desync all certificates associated with a keypair
The SMCTL desync command previously only desynced the expired and revoked certificates associated with a keypair from the local Windows store. We have improved the functionality of this command to allow you to additionally specify invalid or all as a parameter in the Windows desync command so that all certificates associated with the keypair would be desynced.
Simplified verify command
The SMCTL verify signature command has previously provided a lengthy output that made it difficult to identify if the verification of the signature was a success or failure. We have introduced a new parameter called --quiet that can be added to the verify signature command to limit the output of the command to one sentence confirming if the verification of the signature is a success or failure.
Fixes
ReversingLabs configuration files
ReversingLabs periodically updates its configuration files to improve the quality of scan responses and add new policies. DigiCert® Software Trust Manager now relies on the latest available version of the ReversingLabs configuration file to improve accuracy and consistency between DigiCert® Software Trust Manager and the ReversingLabs portal.
September 27, 2023
DigiCert® ONE version: 1.6074.8 | Software Trust Manager: 1.660.0
New
SBOM generation in SPDX format
With this release, DigiCert® Software Trust Manager Threat Detection customers now have the option to choose generation of SBOMs in SPDX or CycloneDX formats. SBOM format choice is now something users can select from the CLI (SMCTL). To leverage this capability, make sure to download the latest version of the CLI (SMCTL) from Software Trust Manager Client Tools Repository.
Threat Detection report generation
Software Trust Manager Threat Detection customers can now choose which reports to generate when requesting a scan on the CLI (SMCTL). Until this point, all reports were generated by default. Now you can choose which reports to generate and which reports will be pushed up to the Scan results in the Software Trust Manager UI. To leverage this capability, make sure to download the latest version of the CLI (SMCTL) from Software Trust Manager Client Tools Repository.
Enhancements
Support non-zero response for Threat Detection Scan response in the CLI (SMCTL)
To better support threat detection software assurance CI/CD workflows, we have introduced support for a non-zero response flag when customers make a threat detection scan in our CLI (SMCTL). By including this new flag in the CLI request, any scans which fail will force the CI/CD pipeline to fail and exit so that customers can block any further activities they planned to do if the scan was a success. To leverage this capability, make sure to download the latest version of the CLI (SMCTL) from Software Trust Manager Client Tools Repository.
Fixes
UI fixes for Software Project
After release, there were a few UI enhancements identified to make the Software Projects workflows consistent with the rest of Software Trust Manager. Changes included UI content alignment, changes to button position and function, as well as the ability to pause projects and change the project alias.
User mapping to GPG Keys
There was a bug with respect to default user mapping at the time of GPG keypair generation. It is now resolved.
September 13, 2023
DigiCert® ONE version: 1.6074.4 | Software Trust Manager: 1.661.0
Fixes
September 6, 2023
DigiCert® ONE version: 1.6074.1 | Software Trust Manager: 1.658.0
New
FOSSA integration for Threat detection
Software Trust Manager has partnered with FOSSA, a Software Composition Analysis (SCA) tool, to extend our Threat detection ability to scan your source code repository via role-based access control (RBAC) from Signing Manager Controller (SMCTL). This feature allows all scan results to be shared to your Software Trust Manager cloud account and includes controls and analytics to help you use Software Trust Manager to secure your software supply chain.
Oracle Cloud Infrastructure (OCI) script integration with PKCS11
Integrate Software Trust Manager with Oracle Cloud Infrastructure (OCI) using our new script integration and our PKCS11 library for secure cryptographic operations and signing within your CI/CD pipeline.
Fixes
Removed critical flag for GPG to support strict requirements from RPM sign
On Fedora 36 and above, the requirement to import GPG keys into the RPM repository became more strict, which caused the key import function to fail if there were critical flags. We have removed the GPG logic for critical flags on key flags and primary user ID. This change resolved the issue with importing RPM keys.
August 30, 2023
DigiCert® ONE version: 1.5874.12 | Software Trust Manager: 1.656.0
Fixes
Remove expired users from Team workflows
Expired users were inappropriately showing as Approvers for any Teams-related action. Also, when Teams were enabled, expired users were shown in a list of users with sign permission when creating or editing a release. Expired users have now been removed from these workflows.
UI bug not displaying customers' CertCentral integration
We recently made changes to consolidate our integrations based on the connector model. In doing so, we introduced a UI bug which meant some customers could not see their CertCentral integration on the connectors list page. This has been fixed, and all customers can now view CertCentral integration on the connectors page.
August 25, 2023
DigiCert® ONE version: 1.5874.9 | Software Trust Manager: 1.653.0
Fixes
Failed to list CertCentral connectors API
The CertCentral connector failed to load when CertCentral integration was only enabled in Software Trust Manager account settings and not in Account Manager. This has been fixed. The CertCentral connector now loads correctly when CertCentral integration is enabled in Software Trust Manager account settings and/or in Account Manager.
August 23, 2023
DigiCert® ONE version: 1.5874.8 | Software Trust Manager: 1.652.0
New
Use Connectors to integrate with CertCentral and Threat detection services
Software Trust Manager's new Connectors feature provides you and your teams with a new space to manage your integrations. You can integrate your Software Trust Manager account with CertCentral global or Europe to order and manage publicly trusted certificates. You can also integrate with ReversingLabs to enable Threat detection on your account.
Enhancements
Projects feature is backward compatible to MariaDB 10.3.x
Last week Software Trust Manager released a new feature called Projects. However, the feature was inaccessible to users relying on MariaDB version 10.3.x. The Projects feature is now backward compatible to MariaDB 10.3.x.
Fixes
Broken link on Projects page
The Learn more link on the projects page in Software Trust Manager received a "Page not found" error. The link has been updated to link correctly to the Projects page.
Certificate profiles for team not loading
When Allow team mapping for keypairs and certificates profiles is enabled for teams in Software Trust Manager Account settings, the team's certificate profiles did not populate in the certificate profile list during certificate generation for an existing keypair. This has been fixed. If Allow team mapping for keypairs and certificates profiles is enabled for teams, and you generate a new keypair with a default certificate, you will be able to select a certificate profile associated with your team from the drop-down menu.
August 16, 2023
DigiCert® ONE version: 1.5874.6 | Software Trust Manager: 1.648.0
Enhancements
Support plans
On August 15, 2023, DigiCert upgraded our support plans to provide a better, more customizable experience. These improved plans are scalable and backed by our technical experts to ensure your success.
New plans:
Standard support (free)
Business support (mid-level)
Premium support (highest-level)
For more details about what these plans include, see the DigiCert Support Plans and DigiCert Support: Enabling Your Success.
How does this affect me?
To show our appreciation, DigiCert has upgraded all existing customers to either Business or Premium support plans for a limited time at no additional charge. See our August 15 change log entry.
How the limited-time upgrade works:
Platinum support plans are upgraded to Premium support for the duration of the contract.
Gold or Platinum-Lite support plans will be upgraded to Premium support for the duration of your contract.
Included (non-paid) DigiCert support will be upgraded to Business support for up to one year.
August 15, 2023
DigiCert® ONE version: 1.5874.5 | Software Trust Manager: 1.648.0
New
Organize your software with Projects
Software Trust Manager's new feature Projects provides you and your teams with a structured and collaborative environment to manage threat detection scans and releases for a specific software development project. Create a project to store all your related software scans and releases for different versions of the same software. You can refer to each software project by a descriptive name and an alias to allow for easy reference in SMCTL commands.
Fixes
Failure to generate certificate and refresh dynamic keypair
When the Address 2 field for the organization's address was "NULL" in DigiCert® Account Manager, certificate generation and dynamic keypair refresh failed. This issue has been fixed and should allow you to generate a certificate and refresh your dynamic keypair regardless of whether the optional Address 2 field has been completed or not.
June 28, 2023
DigiCert® ONE version: 1.5428.8 | Software Trust Manager: 1.633.0
New
Code signing with Jenkins plugin
Code signing with the Jenkins plugin is a streamlined keypair-based signing workflow that improves software security and seamlessly integrates with DevOps processes to sign binaries on Windows and Linux with standard keypairs. This plugin accelerates the installation and configuration of clients and signature tools to help developers become signing-ready for Jenkins pipeline.
GPG signing with Jenkins plugin
GPG signing with the Jenkins plugin is a streamlined keypair-based signing workflow that improves software security and seamlessly integrates with DevOps processes to sign binaries on Windows and Linux with GPG keys. This plugin accelerates the installation and configuration of clients and signature tools to help developers become signing-ready for Jenkins pipeline.
Fixes
Offline release approval issue resolved
Users with the "Approve release window" permission were redirected to "Page not found" when attempting to approve an offline release. Users that have the "Approve release window" permission assigned are now able to access the approve release page when attempting to approve an offline release.
Redirect to dashboard issue resolved
When a user with insufficient permissions attempted to access a page, they were redirected to the dashboard. This issue has been resolved and users are shown "Page not found" when attempting to access a page with insufficient permissions.
No data provided issue resolved
When your data was previously filtered using a filter that no longer exists, no results were displayed. When you view your list pages now, any archived filters that were applied will be removed, and you can select to filter your data by existing filters.
June 21, 2023
DigiCert® ONE version: 1.5428.7 | Software Trust Manager: 1.630.0
New
Filter by deployment risk and common vulnerability priority
Added capability to filter by dropdown selections of Severity and Status filters in threat detection results so customers can limit view to priority risks.
Enhancements
Remove license page in Software Trust Manager account settings
Deprecating the license page in account settings as we better cater for this in the dashboard, as well as providing overall consumption rates in the customer's account section of DigiCert ONE.
Fixes
Resolve issues with keypair list page filters
Fixed an issue where, once you applied filters related to keypairs on the keypairs list page, then visited another page and came back to the keypair list page, the filter was persisted but the results were not filtered correctly. We have resolved this now for all keypair algorithm types.
Customer CertCentral certificate field issue
Custom CertCentral fields were not showing up in Generate Certificate page for existing keypairs. We are now delivering parity for new and existing keypairs when generating a new certificate in this release.
June 14, 2023
DigiCert® ONE version: 1.5428.5 | Software Trust Manager: 1.623.0
Enhancements
Threat detection sorting
Previously, deployment risks and common vulnerabilities and exposures (CVE) were sorted by ID number rather than priority in the threat detection results pages. Now, both deployment risks and CVE data will be sorted in descending order to show critical risks and vulnerabilities first.
For example, a severity 9 CVE will be higher on the page than a severity 7 CVE and a P0 deployment risk will be higher than a P1, etc.
June 8, 2023
DigiCert® ONE version: 1.5428.2 | Software Trust Manager: 1.617.0
New
New dashboard, better insights
Software Trust Manager released a new and improved dashboard that allows you to filter your data by your contract term, team, or a specific user. You can use this feature to identify an overview of:
Actions awaiting your approval in the account.
News section which alerts you to release notes, new product features, bug fixes, enhancements, and industry changes that may affect you.
Most and least used resources.
Consumption recommendations to ensure that you do not exceed your licensed units, which are specific to your contracted service term end date.
Filters for service term, teams and users.
Enhancements
Software Scanner becomes Threat Detection
Software Trust Manager released some enhancements relating to the Threat detection feature following our integration with ReversingLabs. We now support a new and expanded JSON schema that permits more information to be provided based on the data retrieved following the binary decomposition analysis. We also added a new logo in the UI and changed the name from Software Scanner to Threat Detection. Further, we give credit to National Vulnerability Database (NVD) relating to the Common vulnerabilities and exposures (CVE) details.
Fixes
Permission issue relating to revoke
If a user had Certificate Revoke permission but not Certificate Profile permission, certificate revoke was not possible. This is now resolved.
Compare releases bug
The release dropdown list was blank when selecting releases to compare, which is now resolved.
May 31, 2023
DigiCert® ONE version: 1.5118.11 | Software Trust Manager: 1.604.0
Fixes
Account scope users see correct values on dashboard
For Account scope users, the dashboard now shows an accurate count for keypairs and certificates.
Client tools repo for System users displays KeyLocker client tools
The client tools repo for System users showed KeyLocker client tools in addition to STM client tools. Only the appropriate client tools are now visible.
May 30, 2023
DigiCert® version: 1.5118.10 | Software Trust Manager: 1.602.0
New
Support for CertCentral custom field with dropdown
CertCentral recently introduced a custom field for certificate orders which lets users choose a dropdown option. Software Trust Manager will now also support dropdowns for custom fields in our UI for parity purposes.
Enhancements
Optimize error logs
We are updating Software Trust Manager’s server-side log validation errors to capture validation errors, record more comprehensive logs, remove duplicate logging, and classify logs correctly.
Known issues
Azure plugin update to fix tool download error
Published the 1.7.0 Azure DevOps extension to fix the broken client tools download link (tested with test extension version 1.5.0).
May 10, 2023
DigiCert® version: 1.5118.3 | Software Trust Manager: 1.586.0
Fixes
GPG key service user mappings
Fixed an issue where service users were not being mapped to GPG keys correctly. This is now corrected and service users can sign and manage GPG keys as per the service design.
April 26, 2023
DigiCert® version: 1.4957.4 | Software Trust Manager: 1.584.0
Fixes
SMCTL Windows certsync and desync commands
Fixed issues with SMCTL Windows commands certsync and desync. These should now perform normally.
April 19, 2023
DigiCert® version: 1.4957.3 | Software Trust Manager: 1.582.0
New
SMCTL integration for Apple notarization
Software Trust Manager command-line interface (SMCTL) has enabled users to incorporate notarization workflows for Apple apps and binaries. Developers can not only sign their Apple files but also get them notarized and staple the results to the binary to give end users confidence around the quality of the software being installed on their Apple devices.
Enhancements
Debugging support for click-to-sign client
The click-to-sign client now lets customers enable DEBUG logging to help identify configuration and setup errors detected when using the client.
GPG subkey selection at time of signing
Allows users to specify a GPG subkey for signing so that users can opt to use an older subkey.
Platform logging enhancements for better troubleshooting support
Software Trust Manager has introduced an MDC (Mapped Diagnostic Context) approach to enrich server-side log messages. These messages provide information to better track service execution.
Fixes
SMCTL support user assignment at time of key generation
Fixed an issue that was not assigning the creator of a new keypair as the default user.
Server-side logs
We identified some missing server-side log scenarios relating to some events. We are now capturing create and modify for GPG master and subkeys, update Account Settings, and client tools download.
Incorrect error message for access denied during signing
Implemented a fix to alert users who do not have access to a key and try to sign with it. Such users now see a proper error message.
April 5, 2023
DigiCert® version: 1.xxxx.x | Software Trust Manager: 1.xxx.x
Enhancements
Debugging support for click-to-sign client
The click-to-sign client now lets customers enable DEBUG logging to help identify configuration and setup errors detected when using the client.
GPG subkey selection at time of signing
Allow users to specify a GPG subkey for signing so that users can opt to use a subkey which is not the most recently generated key in the GPG keyring.
Fixes
SMCTL support user assignment at time of key generation
Fixed an issue that was not assigning the creator of a new keypair as the default user.
Server-side logs
We identified some missing server-side log scenarios relating to some events. We are now capturing create and modify for GPG master and subkeys, update Account Settings, and client tools download.
Incorrect error message for access denied during signing
Implemented a fix to alert users who do not have access to a key and try to sign with it. Such users now see a proper error message.
March 9, 2023
DigiCert® version: 1.4803.0 | Software Trust Manager: 1.572.0
New
Support for CLI (SMCTL) signing workflows for Apple
Signing Apple binaries with Apple certificates can be complicated. We simplified the process by extending the scope of the STM CLI (SMCTL) to identify Apple binary types and build signing commands for Apple's codesign and productsign tools, so the user only has to identify the keypair they wish to use and where the binaries reside.
Support for ECDSA p192 keys
Legacy connected devices are often constrained by key algorithm as well as keysize/curve and do not have the ability to support newer or more robust keys. Software Trust Manager is adding support for ECDSA keypairs with p192 curve to support customers with legacy product lines constrained to this key type. The generation and import of these keys is limited to STM disk storage. Signing is supported in conjunction with the STM PKCS11 library and optimized for OpenSSL and PKCS 11 tool signing tools.
Fixes
Default certificate bug
Fixed a bug where for some keypairs, the default certificate checkbox was enabled and for some it was disabled. All keypairs can now have default certificate set if required.
Account settings content correction with trial accounts
Fixed an error in the account settings content relative to trial account being enabled.
Apple error for SMCTL environment when connecting via SSH
Fixed an error for customers who connect remotely via SSH who were not able to see their environment variables from the STM CLI (SMCTL).
Known issues
Consistency relating to keypair import workflows
Keytool import was importing the key as online by default, which conflicted with how the STM CLI (SMCTL) performs keypair import. Now all keypair import operations will set the key as offline for users to bring online afterwards if they choose.
Access policy APIs end of life
Software Trust Manager launched the Teams feature in 2022. This feature enables the management of users, keys, and profiles by grouping these resources under a team. It also introduces multi-person approval workflows and signing limits to account admins—all local and specific to each team of users. With the Teams feature fully established, we will sunset the older APIs which supported profiles to user mappings and instead invite customers to use the Teams APIs to map profiles to users instead.
February 9, 2023
New
Rebrand of Click-to-Sign client
Rebranding our click-to-sign client with the product name Software Trust Manager. This is a cosmetic change of logos and branding and does not introduce any breaking changes.
Rebrand CI/CD plugins
Rebranding our Azure DevOps and GitHub custom action plugins to the product name Software Trust Manager. This is a cosmetic change of logos and branding and does not introduce any breaking changes.
Fixes
Multiple fixes relating to GPG keypair workflows
Fixed bugs relating to GPG keypairs which were identified post-release.
Click-to-Sign client stability
Fixed a bug which caused the click-to-sign client to crash.
February 8, 2023
New
Integration with Thales DPOD for key storage at account level
Software Trust Manager now supports hosted account customers to have a dedicated account integration for secure key generation in a Thales DPOD service. Our workflows support key generation and support signing with keys hosted on the Thales DPOD service, which meets the minimum requirements for public trust code signing private key storage. Customers benefit from the dedicated storage provided by Thales, which means the customer will always retain the keys.
Software Trust Manager rebranding
We are rebranding the product from Secure Software Manager to Software Trust Manager. The new name aligns with the vision for the product as we grow the capabilities to deliver a broader range of software trust features which help customers secure their software supply chain at a time when ensuring digital trust is now one of the most pressing issues for the modern enterprise.
Enhancements
GPG keypair signing controls in release workflows
Users can now sign and modify GPG keypairs from the CLI, bringing parity to keypair activities which are already in place for standard keys on the CLI.
GPG keypair management with CLI
Users can now create and modify GPG keypairs from the CLI, bringing parity to keypair activities which are already in place for standard keys on the CLI.
Adjust auto-renewal of private certificates to within 6 hours of expiry
The certificate auto-renewal process was running too far ahead of the certificate expiry date. We fixed this by checking for certificate expiry every 4 hours and replacing certs which are enabled for auto-renewal when less than 6 hours of the cert's validity remain.
Fixes
Certificate auto-renewal process creating multiple certificates and long alias
The certificate auto-renewal process was duplicating renewed certs and was also causing the alias of the certificate to become exponentially long. We fixed the duplication issue and adjusted how we rename legacy certificates so the alias no longer grows exponentially each time the cert expires.
Support for certificate import when the Teams feature is enabled
The introduction of the Teams feature caused an unexpected issue when trying to import a certificate while the Teams feature was enabled. Users can now import certs whether the Teams feature is enabled or disabled.
Signature-to-release mapping issues resolved
Users who are not part of a release should not have their signatures count towards the release signature limit, and a user who is not part of a release should not be able to sign with a key when the key is in offline status. This applies to both standard keys and GPG keys.
January 18, 2023
Fixes
Status spinner hangs in account settings
Fixed an issue where uncaught exceptions in the account settings UI caused the status spinner to spin indefinitely.
Issue with release window controls
Fixed an issue where changes made to account settings were not being inherited in release windows.
January 17, 2023
New
GPG Keypair workflows enhancements
To support customers who sign with GPG keyrings, DigiCert® Software Trust Manager (STM) now supports importing GPG secrings into an STM account. This lets you continue signing with assets that are known to your customers and partners. The new workflows capture all signatures to the DigiCert® Software Trust Manager log for improved signing visibility, and support export functionality for customers with multi-person approval structures.
Fixes
Enable private key export for open access keypairs
Private key export was limited to restricted access keys stored on disk. This fix enables all secure disk-stored keys to be exported via the export workflow.
Improve user experience for log export
We have included a UI spinner to show activity when the user makes a request to export logs, a process which can take some time depending on the size of the log.
Known issues
Validation of changes for account settings API
Includes more stringent validation of changes to customers' account settings made via the API.
January 11, 2023
New
Support for instant issuance for public trust code signing certificates from CertCentral
CertCentral introduced support for instant issuance of public trust code signing certificates, CS and EV CS, in late 2022. DigiCert® Software Trust Manager integration now supports auto-issuance of public trust code signing certs. This applies only to organizations which are pre-approved in your CertCentral account when CertCentral is enabled to bypass manual approval, or when the request is made by a verified CertCentral organization contact.
Set up preapproval in CertCentral advanced settings so you can auto-issue public trust code signing certificates via DigiCert® Software Trust Manager.
Integration with Espressif for Secure Boot signing with keys stored in Software Trust Manager
The DigiCert® Software Trust Manager PKCS11 library is now optimized to integrate with the Espressif tool suite to support the Secure Boot (v2) process on the ESP32.
This means customers can create, sign with, and manage signing keys stored in DigiCert® Software Trust Manager to ensure the organization's second stage bootloader and binary are both signed and can be verified as trustworthy before being installed on the device.
Software Trust Manager CLI (SMCTL) optimized to support OsslSign on Linux and Mac
The STM command-line interface (CLI) tool can now write sign commands for Authenticode file types using the osslsigncode signing tool. This will help customers who wish to simplify the signing process for Authenticode files and capture metadata relating to signatures on Linux and macOS.
The default signing tool for Authenticode file signing using the STM CLI on Linux is Jsign. To select osslsigncode, users need to provide --tool osslsigncode as part of the signing command.
Enhancements
Software Trust Manager CLI (SMCTL) support for teams multi-person approval for offline release windows
The STM command-line interface (CLI) tool now allows customers to request and approve offline release windows for keys which are part of an STM Team which is enforcing multi-person approval. Multi-person approval of offline release windows was released for APIs and UI in December, and we are bringing parity to the CLI in this month's release.
Upgrade of UI to align with most recent platform common components library release
The STM user interface will see many minor enhancements related to the latest and greatest DigiCert ONE UI common component library. This will make the user experience more consistent and provide easier access to common tasks on list pages such as modifying, deleting, and revoking resources such as keys, certs, teams, releases, and profiles.
API documentation on STM portal
The DigiCert® Software Trust Manager API documentation team introduces a revamped version of STM Swagger for APIs to provide more context and content and support a simpler integration experience. The new Swagger API page is available to view under the Resources section of the STM UI.
Fixes
UI spinner fix for audit and signature log export
Fixed the UI experience relating to the loading of audit logs and the signature log export page.
Bug fixes for Click-to-sign client
Fixed NuGet signing issues identified after the initial release so as to support NuGet signing in full via the Click-to-sign client.
Minor content changes relating to client tools repository module in the UI.
Minor content changes relating to online documentation.
Known issues
Failed import of public trust code signing certificates from CertCentral
CertCentral introduced support for instant issuance of public trust code signing certificates, CS and EV CS, in late 2022, which caused some certificate imports to fail via the DigiCert® Software Trust Manager integration. DigiCert® Software Trust Manager has now introduced support for all CertCentral issuance workflows regardless of whether CertCentral administrator approval is required. All issued certificates which were not imported will be imported as a result of this fix to resolve any remaining customer issues.