DigiCert® Secure Software Manager

Secure. Automate.
Manage. Audit.  

Gain full control and visibility over key protection and digitally
sign code and software without interruption or delay
to your business and development processes.

Secure Code Signing Key Protection for Developers and Users

From office software to mobile apps to supply chain, code vulnerabilities present an enticing opportunity for bad actors to gain access to private personal and business information by taking advantage of vulnerabilities in communication, file transfer, CI/CD and the DevOps process.

Full Private Key Protection. Simple Management Service.

DigiCert Secure Software Manager is built to ensure code signing key protection while delegating cryptographic operations, signing activities and management—all in an easy-to-use platform that gives you the ability to audit and control your full code signing security landscape.  


Sign more than code 

With DigiCert Secure Software Manager, you can protect and manage everything from containers to images. Our end-to-end key and signing management solution secures communication, DevOps processes and assets—all without interruptions, delays, or the need to give up control of your data. .

Software & Applications
Scripts & XML

Secure a variety of applications and uses

DigiCert Secure Software Manager seamlessly signs high volumes of key certificates with high levels of automation. Our flexible solution easily integrates across a wide variety of use cases.

  • Mobile Apps - Android and iOS
  • Public Trust signing - Microsoft
  • Private Trust signing - Roots dedicated to customer
  • Container and Docker - Customizable options
  • IoT devices - Up and down to devices in the field

Protect private key usage and signatures

With DigiCert Secure Software Manager, key access and usage is always in control. 
  • Prevent unauthorized use and remediate threats
  • Safely store keys offline for on-demand access
  • View keypairs and associated certificates in suspension pending investigation
  • Monitor 24/7 with reporting and auditing
  • Efficiently manage code signing activities in a single dashboard 

Sign faster and easier on more platforms 

A wide range of signing and management options make it easy to secure your code.
  • Leverage hash signing to reduce latency and upload times 
  • Eliminate the need for your own HSM
  • Make use of options for dedicated and shared private root
  • Integrate and automate code signing with CI/CD processes 

End-to-end key management encryption is easy, with strong granular controls over certificates and key pairs, so you can suspend, revoke, or backdate to minimize any negative impact on your delivery process. And, our management platform works for all keys, not just those from DigiCert. Import, export and test sign any certificate from a central interface.


DigiCert Secure Software Manager works with a variety of file types, including 

OpenSSL  |    JAVA    |    Authenticode    |    Android    |     GPG     |     RPM    |    Debian   |   Docker  |  Nuget   |   ClickOnce 


Sign with compliance

Thanks to code signing, key security and app integrity, your intellectual property is protected. Files are hashed, so nothing is uploaded to the cloud. This makes it easy to meet internal business policies. More, DigiCert strictly adheres to code signing industry requirements like public trust, multi-factor access and HSMs for key storage, so your property and processes are always in compliance.  


How DigiCert ensures compliance

  • State-of-the-art data centers power modern PKI
  • Cloud-generated keys can be never be shared, lost or stolen
  • Permission-based access gives you control over who signs apps
  • All traffic is encrypted over HTTPS
  • Cryptographic library standards implemented using PKCS#11, Microsoft CNG/KSP, Apple KryptoTokenKit and others

A more flexible approach 

As part of a suite of modern PKI solutions inside DigiCert ONE, DigiCert Secure Software Manager is designed and built to be highly scalable and available. 

Deploy on-premises, in-country, cloud or hybrid to meet stringent requirements, regional compliance, custom integrations and air-gapped imperatives.

Stand up in a fraction of the time with container-based architecture, and enjoy near instantaneous dynamic ICA creation, no matter how many millions of devices you’re managing.  

Easily monitor and manage your entire security ecosystem from a single pane with full administrative tools, including advanced permissions and access controls.  

Mitigate risk and eliminate lapses with automated orchestration, continual updates, optimization and award-winning support.  


Agility and speed are crucial to the CI/CD process. But so is security. Without the right tools and implementation for best practices for signing, your code, software, and apps are vulnerable to attack.

DigiCert Secure Software Manager is more than a code signing service. It's a mindset that actually closes the DevOps loop.

Secure Software Manager Resources


DigiCert Secure Software Manager


DigiCert ONE


Apache Success Story

Learn more about how DigiCert Secure Software Manager
delivers trust and identity

I’m interested in: (check all that apply)
  • 1-5 TLS/SSL Certificates
  • PKI for Enterprises
  • 5-20 TLS/SSL Certificates
  • Private PKI & S/MIME
  • Enterprise TLS/SSL Options
  • DigiCert Partner Program
  • TLS/SSL Management Tools

By clicking Submit you agree to DigiCert, Inc. or its affiliates processing your data in accordance with DigiCert's Privacy Policy.