Signotaur is a robust, self-hosted platform that automates the remote application of trusted code signatures to your software, ensuring secure, compliant releases. It operates as a centralized service for managing signing certificates, seamlessly integrating with continuous integration (CI) systems.
Administrators can securely register a broad-range of certificates with the server, making them accessible to the client tool for remote file signing.
- YubiKey and SafeNet eToken hardware security devices.
- Other PKCS#11-compliant devices and hardware security modules (HSMs).
- File-based certificates (PFX).
- Certificates in the Windows Certificate Store.
The Signotaur client tool features an intuitive command-line interface, simplifying integration with existing build scripts and CI/CD workflows,