Selecting the right key model for your signing service

DigiCert Secure App Service (SAS) supports three signing key models as recommended by major software and operating system vendors.

Unique keys

Also known as the single-use model. In this model, SAS generates a new certificate for each signing event, so every signing set has a one-to-one relationship with its own certificate.

Your keys are never at risk of compromise, as they are used only once. When you revoke a certificate, only one signing set is affected. This is the safest signing key model.

This model is recommended for Java applications.

On-demand keys

Also known as the on-demand pool model or the fixed-certificate pool model. Keys are retained in a pool and assigned a friendly name for easy identification. When you submit an application for signing, you can choose an existing certificate from the pool or create a new one.

In this model, you maintain multiple signing certificates for a single signing service.

This model is ideal for Android applications, as the Android platform requires you to use the same certificate for every release of an application.

Rotating keys

This model cycles through a pool of certificates instead of using the same one each release. Keys are generated as needed and must be unique across a set number of days (1, 8, or 15). The keys are reused once the number of days is reached.

Microsoft gives higher levels of reputation to applications using this model. This model is required for signing files that are used on Microsoft operating systems (.dll, .exe, etc.).

We use this model for all our Microsoft-based signing services.
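The rotation rule above (keys must be unique across a window of 1, 8, or 15 days and become reusable once the window has elapsed) can be made concrete with a small simulation. The following Python is an added illustration, not DigiCert's or SAS's implementation, and it assumes a simplified model that the page does not spell out: one key is assigned per calendar day, all signings on that day share it, and a key may be picked again only when its last use is at least `window_days` ago. The `reuse_within_window` audit is the check a reviewer would run over a signing history to confirm the rotation policy was honoured.

```python
"""Illustrative rotating-key pool (added example; not DigiCert/SAS code).

Assumptions not stated on the page: one key per calendar day, oldest
reusable key is preferred, and the pool grows only when no pooled key
has aged past the rotation window.
"""
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Dict, List, Optional, Tuple

# Window sizes the page lists for the rotating-keys model.
ROTATION_WINDOWS = (1, 8, 15)


@dataclass
class SigningKey:
    key_id: str
    last_used: Optional[date] = None  # None means the key has never signed


@dataclass
class RotatingKeyPool:
    window_days: int
    keys: List[SigningKey] = field(default_factory=list)
    _next_id: int = field(default=0, init=False, repr=False)

    def __post_init__(self) -> None:
        if self.window_days not in ROTATION_WINDOWS:
            raise ValueError(f"window must be one of {ROTATION_WINDOWS}")

    def select_key(self, today: date) -> SigningKey:
        """Return the key to sign with on `today`, honouring the window."""
        # All signings on the same day share that day's key.
        for k in self.keys:
            if k.last_used == today:
                return k
        # A pooled key is reusable only once its last use is at least
        # window_days in the past (never-used keys are always eligible).
        reusable = [
            k for k in self.keys
            if k.last_used is None or (today - k.last_used).days >= self.window_days
        ]
        if reusable:
            # Prefer the key that has rested longest.
            key = min(reusable, key=lambda k: k.last_used or date.min)
        else:
            # No key has aged out of the window: generate a new one.
            key = SigningKey(key_id=f"key-{self._next_id:03d}")
            self._next_id += 1
            self.keys.append(key)
        key.last_used = today
        return key


def simulate(window_days: int, start: date, n_days: int) -> List[str]:
    """Key ids chosen on each of n_days consecutive days from `start`."""
    pool = RotatingKeyPool(window_days)
    return [pool.select_key(start + timedelta(days=i)).key_id for i in range(n_days)]


def reuse_within_window(
    history: List[Tuple[date, str]], window_days: int
) -> List[Tuple[date, str]]:
    """Audit a (date, key_id) history; return entries where a key came back
    fewer than window_days after an earlier day of use (same-day reuse is
    expected under the one-key-per-day assumption and is not flagged)."""
    last_seen: Dict[str, date] = {}
    violations: List[Tuple[date, str]] = []
    for day, key_id in sorted(history):
        prev = last_seen.get(key_id)
        if prev is not None and 0 < (day - prev).days < window_days:
            violations.append((day, key_id))
        last_seen[key_id] = day
    return violations


if __name__ == "__main__":
    start = date(2024, 1, 1)  # constructed sample start date
    ids = simulate(8, start, 20)
    print(ids)  # eight distinct keys, then key-000 returns on day 9
    history = [(start + timedelta(days=i), k) for i, k in enumerate(ids)]
    print("violations:", reuse_within_window(history, 8))
```

With an 8-day window the simulation produces eight distinct keys and then cycles; with a 1-day window the same key is eligible again the next day, so the pool never grows beyond one key. Feeding a real signing log into `reuse_within_window` with the configured window is a cheap way to detect a misconfigured or bypassed rotation policy.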

Which signing key model should I use?

Select a key model based upon the signing service platform or your own requirements or policies. For example, the on-demand signing model is often used for Android applications, but it can be used with other signing services as well.

Recommended key models by file type:

  • Java files: Unique keys
  • Android files: On-demand keys
  • Microsoft files: Rotating keys
  • Other files (default): Unique keys

All signing models are enabled by default on SAS. When you select a signing service (for example, Authenticode signing), the platform automatically selects the relevant model for you (the pool of rotating keys in this instance). You can modify this setting to align with your needs and to maximize your application security.
