After completing code writing or compilation, commercial software and application developers can use PKI mechanisms and trusted third-party digital certificates to sign their software before distribution. This prevents unauthorized tampering or repackaging by unknown parties. When customers download or execute the program via the internet, the digital signature verifies the software's origin and integrity, ensuring it remains untampered.
Integrating over 20 years of practical expertise in PKI R&D, Changing Information Technology (Ciot) introduces the Code Signing System to protect creators' rights. During software release, developers no longer need to bear the risk and pressure of potential third-party tampering. With signing certificates, the system eliminates malicious duplication and impersonation. By utilizing Hardware Security Modules (HSM) and Code Signing Certificates within a secure environment, it ensures program integrity, authenticity, and correctness. This silently enhances corporate image, strengthens brand trust with users, and avoids catastrophic aftermaths and corporate losses.
Strengthen trust between the brand and users
Prevent users from downloading harmful files
Increase priority in user procurement
Protect developers' intellectual property rights
Log in to the management portal to upload files; download the signed program directly upon completion.
Supports file uploading/downloading from local or network paths.
Simplified Workflow: Enables operators to upload files followed by authorized supervisors performing the signing task.
Integrate with external systems via RESTful API as a critical signing stage in the software release process.
Capable of integrating with CI/CD systems, such as GitLab.
Virtual Machine (VMware ESXi, Microsoft Hyper-V)
Appliance (1U Server / Raspberry Pi)
Thales/Gemalto
Utimaco
UltraAEP
Software Key Vaults
Microsoft Family: exe, dll, msi/msix, cab, sys, cpl
Java Family: jar, war, ear, etc.
Other Types: Android APK, BIOS/System Firmware (bin, rom, img), etc.