DigiCert KnowledgeBase - Technical Support-hero

Knowledge Base

Account Setup vs. Signing Rights in KeyLocker: Ensuring Proper Permissions

Solution ID : INFO148
Last Modified : 10/30/2024

 

Many customers set up their KeyLocker accounts without realizing that the actual person who will sign the code may not have the necessary permissions. This guide aims to clarify the distinction between setting up a KeyLocker account and ensuring the correct users have signing rights.

Understanding KeyLocker Account Setup vs. Signing Rights

  • KeyLocker Account Setup: When a customer sets up a KeyLocker account, it provides access to the platform but does not automatically assign signing rights to all users.

  • Signing Rights: The person signing the code must be explicitly granted the proper permissions to sign. Without these permissions, the signer will be unable to complete the code signing process.

 

Key Scenarios Where Signing Rights Are Missed

  • Scenario 1: An admin sets up the KeyLocker account but does not sign code. The actual signer does not have sufficient permissions.

  • Scenario 2: A team member configures the KeyLocker environment but does not that realize signing permissions have not been transferred to the person responsible for code signing.

 

How to Assign Signing Rights:

  1. Admins should verify the team members who need signing rights.
  2. Log in to DigiCert ONE to assign or delegate signing permissions to the designated signer.
  3. Ensure that all necessary users have the correct roles to sign code.

 

To prevent disruption in your code signing workflow, it is critical to assign the correct permissions to the intended signers. Always ensure that the account setup includes proper role assignments to avoid potential delays.