Signing service

Short description

A service for storing keys and signing messages.

Detailed description

The signing service provides Launchpad with a way to sign important objects such as boot loaders, kernel images, kernel modules, or archive metadata, while isolating private keys so that other components of Launchpad cannot read them directly.

It exposes authenticated and encrypted HTTP interfaces for generating keys, injecting keys that were generated elsewhere, and signing data.

It is used both by Launchpad itself and by some other services within Canonical, such as the Snap Models Service.


Official documentation

Git repository

Main repository

Bug tracker

Bug tracker


Log files

See FreshLogs documentation.


  • rless il3-signing1.lp.internal::lp-signing-gunicorn-logs/gunicorn.log

  • rless il3-signing2.lp.internal::lp-signing-gunicorn-logs/gunicorn.log


  • rless

  • rless

Common support cases

More information

Launchpad services diagram