One of the Prerequisites for uploading a Module through the Policy Manager is that Modules must be signed. Unsigned Modules or Unverified Signed Modules will be rejected to prevent Malware. 

How can custom assertions be signed so they are able to be uploaded via 'Manage Server Module Files'?

Currently, Broadcom does not provide customers with the ability to sign custom assertions.

To have them signed by support please follow these steps:

1) Open a case with the API Gateway Support Team through the CA Support Portal (https://support.broadcom.com/) requesting a custom assertion to be signed

2) Attach the Modules file(s) to the case.

The team will sign the assertion(s) and provide the resulting file(s) back to you via the case.

This is an option only available to our Tech Partners.  If you have not done so, follow this link and register as a tech partner to be able to have a custom assertion signed.

https://www.broadcom.com/how-to-buy/software-partners/tech-partners