About the integration
This guide describes how to enable HSM integration with Microsoft Authenticode.
Microsoft Authenticode
Microsoft Authenticode is a code-signing technology that identifies the publisher of Authenticode-signed software. It also verifies that the software has not been tampered with since it was signed and published. Authenticode uses cryptographic techniques to verify publisher identity and code integrity.
Authenticode relies on proven cryptographic techniques from Microsoft and the use of one or more private keys to sign and timestamp published software. From a security point of view, it is important to maintain the confidentiality of these code signing keys. The CryptoServer Hardware Security Module (HSM) integrates with Microsoft Authenticode to provide a trusted system for protecting the organizational credentials of a software publisher. The CryptoServer HSM secures the code signing keys on a certified industry standard FIPS 140-2.
This integration guide covers all the necessary information to install, configure and integrate Microsoft Authenticode with Utimaco Hardware Security Modules (HSM). The benefits of using an HSM with Microsoft Authenticode include:
- Private key will be securely stored on HSM
- Hardware is FIPS 140-2 level 3 validated
- Trusted timestamp (TSS) for Authenticode.
Refer to the Microsoft documentation, for more information about installing Microsoft Authenticode.
UTIMACO CryptoServer HSM
CryptoServer is a hardware security module developed by UTIMACO IS GmbH. CryptoServer is a physically protected specialized computer unit designed to perform sensitive cryptographic tasks and to securely manage as well as store cryptographic keys and data. It can be used as a universal, independent security component for heterogeneous computer systems.
Are you interested in this document?
Simply add it to your collection. You can request access to this and other documents in your collection all at once via the blue basket on the right.
