> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dify.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Sign Plugins for Third-Party Signature Verification

> Enable signed `.difypkg` installation in Dify Community Edition without disabling signature verification entirely (generate keys, sign packages, distribute the public key)

<Warning>
  Third-party signature verification is a **Dify Community Edition** feature. Dify Cloud manages signatures centrally and does not expose these controls.
</Warning>

Self-hosted Dify enforces signature verification by default. Third-party signature verification lets administrators safely install plugins that are not on the Marketplace without disabling verification entirely.

Two scenarios:

<CardGroup cols={2}>
  <Card title="Admin signs an approved plugin" icon="user-shield">
    The admin reviews a `.difypkg` from a trusted developer and signs it with their own key before installing.
  </Card>

  <Card title="Developer ships a signed plugin" icon="key">
    The developer signs the `.difypkg` and publishes the matching public key. Admins who trust the developer add that public key to the verification list.
  </Card>
</CardGroup>

The mechanics are the same in both cases: generate a key pair, sign with the private key, verify with the public key.

## Generate a Key Pair

```bash theme={null}
dify signature generate -f your_key_pair
```

Two files appear in the current directory:

| File                        | Use                                |
| :-------------------------- | :--------------------------------- |
| `your_key_pair.private.pem` | Sign plugins (keep secret)         |
| `your_key_pair.public.pem`  | Verify signatures (share publicly) |

<Warning>
  Guard the private key. Anyone who has it can sign plugins that pass verification on installations trusting your public key.
</Warning>

## Sign and Verify a Plugin

<Steps>
  <Step title="Sign the package">
    ```bash theme={null}
    dify signature sign your_plugin_project.difypkg -p your_key_pair.private.pem
    ```

    Produces `your_plugin_project.signed.difypkg` in the same directory.
  </Step>

  <Step title="Verify the signed package">
    ```bash theme={null}
    dify signature verify your_plugin_project.signed.difypkg -p your_key_pair.public.pem
    ```

    Confirms the signature matches before you distribute or install.
  </Step>
</Steps>

<Info>
  If you omit `-p`, `dify signature verify` checks against the Dify Marketplace public key. Any plugin not signed by Dify will fail verification in that mode.
</Info>

## Enable Verification on the Daemon

Admins install signed plugins by giving the plugin daemon a list of trusted public keys.

<Steps>
  <Step title="Place the public key">
    Put the `.public.pem` file somewhere the daemon container can reach it. For Docker Compose installs:

    ```bash theme={null}
    mkdir -p docker/volumes/plugin_daemon/public_keys
    cp your_key_pair.public.pem docker/volumes/plugin_daemon/public_keys/
    ```
  </Step>

  <Step title="Configure the daemon environment">
    Set these variables on the `plugin_daemon` service:

    | Variable                                         | Value                                                     |
    | :----------------------------------------------- | :-------------------------------------------------------- |
    | `FORCE_VERIFYING_SIGNATURE`                      | `true`                                                    |
    | `THIRD_PARTY_SIGNATURE_VERIFICATION_ENABLED`     | `true`                                                    |
    | `THIRD_PARTY_SIGNATURE_VERIFICATION_PUBLIC_KEYS` | Comma-separated paths to public keys inside the container |

    A `docker-compose.override.yaml` snippet:

    ```yaml theme={null}
    services:
      plugin_daemon:
        environment:
          FORCE_VERIFYING_SIGNATURE: true
          THIRD_PARTY_SIGNATURE_VERIFICATION_ENABLED: true
          THIRD_PARTY_SIGNATURE_VERIFICATION_PUBLIC_KEYS: /app/storage/public_keys/your_key_pair.public.pem
    ```

    <Note>
      `docker/volumes/plugin_daemon` mounts to `/app/storage` inside the container, so the path in `THIRD_PARTY_SIGNATURE_VERIFICATION_PUBLIC_KEYS` must use the in-container path.
    </Note>
  </Step>

  <Step title="Restart Dify">
    ```bash theme={null}
    cd docker
    docker compose down
    docker compose up -d
    ```

    Verified installs are now enforced: signed `.difypkg` files matching the configured public keys install cleanly; unsigned or mismatched ones are rejected.
  </Step>
</Steps>

## Related Resources

* [Package as Local File and Share](/en/develop-plugin/publishing/marketplace-listing/release-by-file)
* [Publish to Individual GitHub Repository](/en/develop-plugin/publishing/marketplace-listing/release-to-individual-github-repo)
* [Plugin Development Guidelines](/en/develop-plugin/publishing/standards/contributor-covenant-code-of-conduct)
* [Publishing FAQ](/en/develop-plugin/publishing/faq/faq)
