facebook

Configuring Signing Certificates

A signing certificate installed on your server identifies your server and indicates to users that content being transferred is secure. Providing a signing certificate on the delivery hub automatically signs imported third-party libraries with your certificate. In addition, you can configure your signing certificate to sign package installers generated by SDC.

In this tutorial, you will learn how to:

  • Provide a signing certificate for third-party libraries
  • Configure a signing certificate for installers

1. Provide a Custom Signing Certificate for Third-Party Libraries

  1. Click System under Administration in the Admin Console navigation.
  2. On the System Administration page, click the Signing tab.


    Signing certificate settings
  3. Click Upload Keystore.


    Configuring a signing keystore
  4. Browse for the keystore file, and enter your keystore password. After you choose the file and enter the keystore password, the alias appears, and you can enter the signing key password.
  5. Enter the TSA timestamp URL supplied by your keystore vendor, or leave this field blank.
  6. Click Upload Keystore.

Note: Unsigned libraries imported before the certificate was loaded will NOT be signed.

2. Configure a Signing Certificate for Windows or OS X Installers

OS X Mountain Lion and Windows 8 operating systems require applications downloaded from the Internet to be signed. Therefore, the SDC installers generated for users must be signed.

  1. Obtain a signing certificate for your operating system from a Certificate Authority, and install it on the delivery hub machine.
  2. Download and install the signing agent that automatically signs installers on your delivery hub machine.
  3. Click System under Administration in the Admin Console navigation.
  4. On the System Administration page, click the Signing tab.


    Signing certificate settings
  5. Click Configure Signing in either the Windows Installer Signing or OS X Installer DMGs & Signing section.


    Windows signing configuration


    OS X signing configuration
  6. Enter the Signer Subject or Signer ID of your installed certificate.
  7. Enter the TSA timestamp URL supplied by your Certificate Authority, or leave this field blank.
  8. Optionally, provide Notarize User, Password and Provider Short Code. This information is needed for compatibility with macOS Big Sur.
  9. Select the Require Signing checkbox if you want to display only signed installers on the portal.
  10. Click Enable Signing.