jsign
jsign は、Microsoft AuthenticodeのJava 実装で、Windows、Microsoft Installers (MSI)、スクリプト(PowerShell、VBScript、JScript、WSF)の実行ファイルに署名とタイムスタンプを付けることができます。jsign はプラットフォームに依存せず、Windows 上の signcode/signtool や Unix システム上の Mono 開発ツールなどのネイティブツールに代わるものを提供するものです。
Integrate Jsign with Signing Manager Controller (SMCTL) for simplified signing. Alternatively, you can sign directly with Jsign and reference your private key stored in Software Trust Manager.
ヒント
Jsign is compatible for signing on Windows, Linux, and macOS.
What can Jsign be used to sign?
Use Jsign to sign and timestamp executable files for Windows, Microsoft installers (MSI), and Scripts (PowerShell, VBScript, JScript, WSF). For more information, refer to Files supported for signing.
jsign のインストール
ヒント
Use Jsign version 4.1 or higher to sign files larger than 100MB. To avoid errors when signing large files, use osslsigncode instead of jsign.
The installation command differs based on your operating system:
Set PATH environment variables
Operating systems use the environment variable called PATH to determine where executable files are stored on your system. Use the PATH environment variable to store the file path to your signing tools to ensure that the CLI can reference these signing tools.
You can set the PATH environment variable to jsign using command line.
Download and configure PKCS11 library
Jsign uses a configuration file to integrate with Software Trust Manager PKCS11 library.
Follow these instructions to download Software Trust Manager PKCS11 library and create the configuration file.
署名
ヒント
This configuration procedure is required for signing with jsign and sign4j using SMCTL.
Sign with Jsign
You can sign with Jsign directly or via DigiCert's signing tools integrated with Jsign: