Certificates

The Certificates page in the Admin section of Signotaur allows administrators to manage certificates used by the Signotaur client for code-signing.

alt text

A sortable, filterable table displays all registered certificates and can be searched by alias or subject.

Adding a New Certificate

To add a certificate, click Add New Certificate. A dialog will open where you can enter certificate details.

Add a certificate dialog

Signotaur supports three certificate types, each accessible via its own tab:

  • Hardware: Loaded from a server hardware token or HSM via PKCS#11, a cryptographic token interface standard.
  • File: Uploaded PFX (Personal Information Exchange) files containing certificates and private keys.
  • Store: Certificates stored in the Windows Certificate Store.

Click each heading for more details on adding each certificate type.

Enabling/Disabling a Certificate

To enable or disable a certificate for signing, toggle the checkbox in the Enabled column of the certificates table.

Viewing a Thumbprint

Show Thumbprint button To view a certificate's thumbprint, click the Show Thumbprint button next to its entry. A dialog will open where you can view and copy the thumbprint.

Assigning User Access

Assign User Access button To assign certificates to users, click the Assign User Access button next to the certificate entry.

In the dialog which opens, use the dropdown to select one or more non-admin users to assign the certificate to, then click Save.

Assigning User Access dialog

Note: Only non-admin users can be assigned this way, as admin users automatically have access to all certificates.

Updating the Password

Update Password button PKCS#11 certificate passwords can expire. To update the registered password for a certificate, click the Update Password button next to the certificate entry.

In the dialog which opens, enter the password and a password confirmation, then click Save.

Update Certificate Password dialog

Note: Passwords can only be updated for PKCS#11 certificates.

Deleting a Certificate

Delete button To delete a certificate, click the Delete button next to its entry, then confirm to permanently remove it.