jsign は、Microsoft AuthenticodeのJava 実装で、Windows、Microsoft Installers (MSI)、スクリプト(PowerShell、VBScript、JScript、WSF)の実行ファイルに署名とタイムスタンプを付けることができます。jsign はプラットフォームに依存せず、Windows 上の signcode/signtool や Unix システム上の Mono 開発ツールなどのネイティブツールに代わるものを提供するものです。
Integrate Jsign with Signing Manager Controller (SMCTL) for simplified signing. Alternatively, you can sign directly with Jsign and reference your private key stored in Software Trust Manager.
Use Jsign to sign and timestamp executable files for Windows, Microsoft installers (MSI), and Scripts (PowerShell, VBScript, JScript, WSF). For more information, refer to Files supported for signing.
ヒント
To sign files larger than 100 MB, use Jsign version 4.1 or higher.
To avoid errors when signing large files, use osslsigncode instead of jsign.
The installation command differs based on your operating system:
Operating systems use the environment variable called PATH to determine where executable files are stored on your system. Use the PATH environment variable to store the file path to your signing tools to ensure that the CLI can reference these signing tools.
You can set the PATH environment variable to jsign using command line.
Jsign uses a configuration file to integrate with Software Trust Manager PKCS11 library.
Follow these instructions to download Software Trust Manager PKCS11 library and create the configuration file.
You can sign with Jsign directly or via DigiCert's signing tools integrated with Jsign: