Skip navigation
Menu
Software Development>Development Techniques and Management

Securing Your Private Keys As Best Practice for Code Signing Certificates

Downloads
Securing Your Private Keys as Best Practice for Code Signing Certificates.pdf

Code signing is a technology that uses digital certificates and the public key infrastructure to sign program files so that users can authoritatively identify the publisher of the file and verify that the file hasn’t been tampered with or accidentally modified. As with other PKI technologies, the integrity of the system relies on publishers securing their private keys against outside access.

Companies that are diligent and willing to invest in the appropriate security measures can make the compromise of their private keys highly unlikely. Changes in developer processes may be necessary, but these should not impose serious inconvenience. 

This paper describes recent security breaches and why they may have happened. It also discusses best practices, especially for the Windows platform, which can help to safeguard the private keys associated with code signing certificates.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
Microsoft's GitHub offices
Microsoft’s AI Copilot Is Starting to Automate the Coding Industry
Apr 17, 2024
digital world map on warehouse background
How To Build an International Shipping Software System
Jan 30, 2024
artificial intelligence concept art
Top 10 AI Stories of 2023
Dec 19, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023