Skip to main content

Jarsigner

Jarsigner is a tool that allows you to sign and verify .jar files.

Integrate Jarsigner with Sign with SMCTL for simplified signing. Alternatively, you can sign directly with Jarsigner and reference your private key stored in DigiCert​​®​​ KeyLocker.

Astuce

Jarsigner is compatible for signing on Windows, macOS, and Linux.

DigiCert​​®​​ KeyLocker supports JDK version 8 to 17.

What can Jarsigner be used to sign?

Use Jarsigner to sign, timestamp, and verify the following file types:

  • .ear

  • .jar

  • .sar

  • .war

Install Jarsigner

Note

The Java Development Kit (JDK) includes jarsigner and keytool.

Set PATH environment variable

Operating systems use the environment variable called PATH to determine where executable files are stored on your system. Use the PATH environment variable to store the file path to your signing tools to ensure that the CLI can reference these signing tools.

You can set the PATH environment variable to Jarsigner using command line or environment variables.

To set the path to your signing tools:

Download and configure libraries

There are two libraries that Jarsigner integrates with depending on the type of signing you want to do. Identify the type of signing you want to enable and install the associated library.

PKCS11 library

Jarsigner uses a configuration file to integrate with DigiCert​​®​​ KeyLocker PKCS11 library.

Follow these instructions to download DigiCert​​®​​ KeyLocker PKCS11 library and create the configuration file.

KSP library

Jarsigner integrates with DigiCert​​®​​ KeyLocker KSP library to sign.

Follow these instructions to download and register DigiCert​​®​​ KeyLocker KSP library.

Sign with Jarsigner

You can sign directly with Jarsigner or via DigiCert's signing tools integrated with Jarsigner: