Support Site

Welcome to the Support. You'll find comprehensive guides and documentation to help you start working with as quickly as possible, as well as support if you get stuck. Let's jump right in!


On-Premise Support for Increased Security and Control

Rollout’s On-Premise Solution

Rollout has an on-premise solution that provides additional security and full control over the patch deployment process. It provides two important on-premise features:

  • Customer approval before releasing a patch to production devices
  • Signing of patches using a company’s own private key

General Security Background

To ensure patches are not tampered with, and prevent a Man in The Middle (MiTM) attack, Rollout uses a private key / public key security mechanism. When a patch is created it’s signed using a private key. The SDK contains the corresponding public key which is used to authenticate the patch before it’s applied.

Patch deployment process

Initial One-time Setup

  1. Developer downloads the Rollout SDK installer to their local machine.
  2. Developer updates the Rollout SDK with the client’s own certificate (which includes the public key).
  3. Client installs the Rollout on-premise service on their own server.

Creating and Deploying a Patch

  1. Developer logs in to
  2. Developer creates a patch and tests it using the simulator or test devices.
  3. When the developer changes the patch status to production, Rollout's back-end updates the patch's status to Pending Production and sends an approval request to the client’s on-premise approval service.
  4. When the client is ready to approve the request, the client signs the patch with their own private key.
  5. The client sends the patch back to Rollout to a pre-determined endpoint (more details available on the reference implementation's
  6. Rollout's back-end validates the integrity of the patch, then changes the patch's status from pending to production and deploys the patch to the cloud (CDN).

Device Update

  1. When the client’s app is launched on a production device, the device makes a call to Rollout’s CDN and the device downloads the patch.
  2. Rollout’s SDK checks the patch signature using the client’s own public key (which included in the certificate provided by the client).
  3. If the patch is authenticated, it is applied to the app.

On-Premise Support for Increased Security and Control