SignWrapper-GPG
ENTERPRISE
The SignServer SignWrapper-GPG replaces the gpg (GnuPG) command usage with SignClient for specific use cases. This is a wrapper script around the SignClient signdocument command:
USAGE: /opt/signserver/bin/signwrapper-gpg <-u WORKERNAME> <-o OUTFILE.sig>
Usage
Configure the tool requiring a gpg command to instead use the path to the signwrapper-gpg tool. Make sure to set the required environment variables so they are available when that tool is executed.
The signwrapper-gpg tool is available with SignServer Enterprise software and in the SignClient Enterprise bundle.
Requirements
Bash
SignClient
Finding SignClient
Unless the signwrapper-gpg script is kept in the SignClient folder, make sure an environment variable is set so the script can find SignClient. Set either SIGNCLIENT_CMD to point to the bin/signserver script or set SIGNCLIENT_HOME or SIGNSERVER_HOME to point to the folder with the SignClient distribution.
SignClient Configuration
Worker name is provided as the -u WorkerName option. Additionally, the following environment variables are considered:
SIGNCLIENT_HOSTS: Value for the -hosts HOSTS SignClient parameter: the hostname or IP address of the SignServer host, or a comma-separated list of hosts.
Example: signserver1.example.com
SIGNCLIENT_PORT: Value for the -port PORT SignClient parameter: the TCP port on the SignServer host to use.
Example: 8080
SIGNCLIENT_PARAMS: (Optional) Value for any extra parameters to put on the SignClient command line.
Example: -truststore TRUSTSTORE -truststorepwd PWD
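Because the wrapper is normally started by another tool, a missing variable tends to surface only as a failed signature. The following pre-flight check is an added example, not part of SignServer; the function names, the lookup order of the three location variables, and treating SIGNCLIENT_HOSTS and SIGNCLIENT_PORT as required are assumptions, and it assumes the wrapper is installed outside the SignClient folder.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check of the environment signwrapper-gpg reads.
# Assumed (not stated on the page): lookup order CMD, then SIGNCLIENT_HOME, then
# SIGNSERVER_HOME, and that SIGNCLIENT_HOSTS and SIGNCLIENT_PORT must be set.

# Print the name of the variable that locates SignClient; fail if none works.
find_signclient() {
    if [ -n "${SIGNCLIENT_CMD:-}" ]; then
        [ -x "$SIGNCLIENT_CMD" ] && { echo SIGNCLIENT_CMD; return 0; }
        echo "SIGNCLIENT_CMD is not executable: $SIGNCLIENT_CMD" >&2; return 1
    fi
    for _pair in "SIGNCLIENT_HOME=${SIGNCLIENT_HOME:-}" "SIGNSERVER_HOME=${SIGNSERVER_HOME:-}"; do
        _name=${_pair%%=*}; _dir=${_pair#*=}
        [ -z "$_dir" ] && continue
        [ -d "$_dir" ] && { echo "$_name"; return 0; }
        echo "$_name is not a directory: $_dir" >&2; return 1
    done
    echo "set SIGNCLIENT_CMD, SIGNCLIENT_HOME or SIGNSERVER_HOME" >&2; return 1
}

# Hosts: one host or a comma-separated list, with no empty entries or spaces.
check_hosts() {
    case ",${SIGNCLIENT_HOSTS:-}," in
        *,,*|*" "*) echo "SIGNCLIENT_HOSTS is empty or malformed" >&2; return 1 ;;
    esac
}

# Port: digits only, at most five of them, within 1-65535.
check_port() {
    case "${SIGNCLIENT_PORT:-}" in
        ''|*[!0-9]*|??????*) echo "SIGNCLIENT_PORT is not a TCP port" >&2; return 1 ;;
    esac
    [ "$SIGNCLIENT_PORT" -ge 1 ] && [ "$SIGNCLIENT_PORT" -le 65535 ] ||
        { echo "SIGNCLIENT_PORT is out of range" >&2; return 1; }
}

# Run every check so all problems are reported at once; 0 means ready.
signwrapper_preflight() {
    _rc=0
    find_signclient >/dev/null || _rc=1
    check_hosts || _rc=1
    check_port || _rc=1
    case "${SIGNCLIENT_PARAMS:-}" in
        *-truststorepwd*) echo "note: SIGNCLIENT_PARAMS puts the truststore password on the SignClient command line" >&2 ;;
    esac
    return $_rc
}
```

Source the file in the same environment the calling tool will run in, then run `signwrapper_preflight` before switching that tool over to signwrapper-gpg.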
RPM Signing
The SignWrapper-GPG can leverage the SignClient for securing RPM packages. For step-by-step setup instructions, see Code Signing with RPM Signatures.