Skip to main content
purple hex pattern

Automate your code signing management and approval processes

Many organizations develop software and require an enterprise-grade, controlled software signing approval process. The Entrust Code Signing Gateway provides a range of flexible, centralized workflow automation functions that help software development organizations meet strong security requirements.

The Code Signing Gateway, delivered by the Entrust Data Protection Solutions Professional Services team, is a customer hosted server that runs Entrust code signing workflow applications. The Code Signing Gateway:

  • Manages authorization workflow
  • Accepts requests
  • Notifies approvers via email
  • Manages time-outs
  • Acknowledges approvals
  • Logs activity
  • Delivers signed code to the staging area

The Code Signing Gateway can be accessed through a traditional web-based portal or through a RESTful API allowing integration into automated build process, or customer workflow engines.

The Code Signing Gateway supports the signing of the following code types:

  • Microsoft Windows - .exe, .dll, *.ocx, *.vbs, *.msi, *.html, and all types supported by Microsoft’s signtool
  • Java – Java archive (.jar), and .cab files
  • Generic hash signing

Underpinned by Entrust nShield HSMs

The Code Signing Gateway utilizes Entrust nShield® Hardware Security Modules (HSMs) as the root of trust, securing all signing keys in a FIPS 140-2 certified HSM. This prevents the potential loss of valuable signing keys — the keys to your code’s authenticity and integrity.

nShield HSMs are among the highest-performing, most secure and easy-to-integrate HSM solutions available. They facilitate regulatory compliance and deliver the highest levels of data and application security for enterprise, financial, government, and other organizations that need to protect their data.

Contact Our Service Experts

Related Products