SignPath code signing (via SignPath Foundation)
Free code signing service and an OV-level code signing certificate issued to SignPath Foundation, with the private key stored on the Foundation's HSM. Supports signing EXE, MSI, Docker images, Office macros and more, with CI/CD pipeline integration (GitHub Actions, Azure DevOps, Jenkins), audit trails and policy enforcement, at no cost.
Eligibility: for the project; OSI license required; public repo required; OSI-approved license without commercial dual-licensing for all components; project must already have released the software in the form to be signed (no release history = not eligible).
How to apply: Apply at signpath.org ("Apply for Free Code Signing") with the project's repository URL, download page URL and description; the Foundation reviews eligibility.
last verified 2026-07-06