Code Signing
- Updated Aug 1, 2024
- Xanadu
- Now Platform Security
Code Signing creates digital signatures for data; the signatures are later checked to confirm the authenticity and integrity of that data. Code Signing is a module licensed as a component of ServiceNow Vault.
Code signing and Circle of Trust
The Circle of Trust (COT) is a prerequisite for Code Signing. It establishes secure communication between your trusted and production instances so that only authorized users can access the Code Signing feature.
Multiple security measures help prevent malicious actors from disabling or misusing code signing in case a production instance is compromised. As part of the defense-in-depth strategy, the COT uses the following components:
- Controls that restrict even the most powerful administrator accounts are established in the production instance to help protect Code Signing processes and configuration.
- Trusted instances are required to work together with production instances to establish the Circle of Trust relationship. At least one trusted instance is required, but multiple trusted instances may be configured to collaborate with the production instance.
Figure 1. Circle of Trust overview
The Circle of Trust uses jobs, scripts, and business rules, together with a key pair, to generate the signatures that sign update sets sent to the production instance. When the job is called, the signature is verified against the trusted certificate before the production instance updates are executed.
Figure 2. Trusted update sets process
Figure 3. Code Signing flow
The Circle of Trust requires an initial trust relationship between the trusted and production instances, which prevents any unauthorized user, regardless of authorization level, from performing unapproved activities.