Code signing essentially relies on a Public Key Infrastructure, which means code signing certificates are made out of a pair of public and private key – the public key is signed by a trusted Certificate Authority such as DigiCert, and the private key is kept by the owner and used to sign the code to secure. Although the technology behind code signing certificates is proven, managing them – and by extension managing the private keys – is an activity that can be very complex, especially when the key owner(s) do not understand their value. In order to help customers to solve for the shortcomings in regard to the management of code signing private keys and user access, DigiCert has developed Secure App Service.
