Click the PKI-by-PrimeKey-SignServer-logo to visit www.signserver.org
Search signserver.org for:
Click here to learn about PrimeKey Support Services!

News and Info

SignServer 3.6.2 is now out! Visit the download section to get SignServer.
Posted: 2014-11-28

Main Features of SignServer!

See complete list of features
Posted: 2014-10-24

Stronger Safety with PrimeKey's Appliance! By integrating secure hardware technology with the flexibility, reliability and feature set of SignServer Enterprise (or EJBCA Enterprise), the turnkey Appliance features an easy to install PKI-in-a-box, offering predictable costs and increased quality to your PKI solution. Check out the simpler, yet safer, PrimeKey PKI Appliance.
Posted: 2014-10-24

What is SignServer?

SignServer is an application framework performing cryptographic operations for other applications. It's intended to be used in environments where keys are supposed to be protected in hardware but it isn't possible to connect such hardware to existing enterprise applications or where the operations are considered extra sensitive so the hardware has to be protected more carefully. Another usage is to provide a simplified method to provide signatures in different application managed from one location in the company.

SignServer is based on loadable modules that perform various operations. SignServer has ready to use modules for:

  • TimeStamp Authority (RFC 3161 compliant and MS authenticode)
  • Signers for different documents: PDF, XML, XAdES (BES and T), ODF, OOXML, MRTD (ePassport document signer)
  • General purpose signers: CMS
  • Validators for documents: XML, XAdES-BES, XAdES-T

The modules can be used using HTTP or web services interfaces. SignServer also contains functions for:

  • Certificate Validation Service Framework for validating certificates using CRLs or OCSP

SignServer has been designed for high-availability and can be clustered for maximum reliability.

Different kinds of tokens can be used to perform sign and crypto operations:

  • Soft token using JKS or PKCS12 files.
  • PKCS#11 HSM tokens, such as the Utimaco CryptoServer, SafeNet ProtectServer and Luna, nCipher nShield or AEP KeyPer.

What's new in SignServer 3.6?

Some of the major new features in version 3.6 are:

  • Independent worker and crypto token configuration
  • Underlying CESeCore library upgraded
  • Separation between community and enterprise editions
  • New application: SignServer TimeMonitor (enterprise edition)
  • Querying of database archive from WS and GUI
  • Support for specifying HSM slot by label
  • HSM keep alive service

More information can be found in the manual or in the changelog.

Open Source Software

SignServer is OSI Certified Open Source Software. OSI Certified is a certification mark of the Open Source Initiative.

The source code of SignServer is hosted in a (mostly) public Subversion repository and downloads including ones with the complete source code can be downloaded from SourceForge.

Support and development

Commercial support, development, integration and maintenance for SignServer is available through PrimeKey Solutions.