Signotaur is a powerful self-hosted server designed to simplify and secure remote code signing. It serves as a centralized hub for managing signing certificates, integrating seamlessly with your continuous integration (CI) systems to streamline your development process.
Key Features
- BYOK (Bring Your Own Keys) - Use your own Organization Validation (OV) or Extended Validation (EV) certificates.
- Uncompromising Security - Your private keys stay safely within your server, never leaving the hardware security module (HSM), token, or server itself.
- Unlimited Signing - No signing limits, unlike cloud-based services that may impose restrictions.
- Effortless CI Integration - Easily integrate with your CI/CD pipelines, automating your code signing process.
Why Choose Signotaur?
Code signing keys are prime targets for supply chain attacks, which is why Signotaur ensures your keys remain secure. With strict access control and administrator oversight, you maintain full control over who can access your certificates and perform signing operations.
Supported Certificate Sources:
- Hardware Security Devices: YubiKey, SafeNet eToken, and other PKCS#11-compliant devices (HSMs).
- File-Based Certificates: Including PFX files.
- Windows Certificate Store: Easy integration with the Windows certificate store.
Easy Signing with Signotaur:
The Signotaur client offers an intuitive command-line interface, making it easy to integrate into your existing build scripts and CI/CD workflows. With API keys instead of password prompts, you’ll experience a simple, secure signing process.