Code Signing

  • Release version: Xanadu
  • Updated August 1, 2024
Use Code Signing to create digital signatures that prevent unauthorized or tampered External Communication Channel (ECC) queue records from being processed by MID Servers. This cryptographic verification helps maintain the integrity of integrations between ServiceNow and external systems.

    Code signing and Circle of Trust

    The Circle of Trust (COT) is a prerequisite for Code Signing that creates secure communication between your trusted and production instances to ensure that only authorized users can access the Code Signing feature.

    Multiple security measures help to prevent malicious actors from disabling or misusing Code Signing in case a production instance is compromised. As part of the defense-in-depth strategy, the COT uses the following components:

    • Controls that restrict even the most powerful administrator accounts are established in the production instance to help protect Code Signing processes and configuration.
    • Trusted instances are required to work together with production instances to establish the Circle of Trust relationship. At least one trusted instance is required, but multiple trusted instances may be configured to collaborate with the production instance.
      Figure 1. Circle of Trust overview
      Diagram of the defense in depth concept.

      The Circle of Trust uses jobs, scripts, and business rules together with a key pair to generate signatures over the update sets that are sent to the production instance. When the job runs, the signature is verified against the trusted certificate before the production instance update is executed.

      Figure 2. Trusted update sets process
      Shows the relationship between trusted and production instances.
      Figure 3. Code Signing flow
      Demonstrates the relationship flow of Code Signing.

    The Circle of Trust requires an initial trust relationship between the trusted and production instances; once established, it prevents unauthorized users, regardless of their privilege level, from performing unapproved activities.
