Jsign is a Java implementation of Microsoft Authenticode that is platform independent and provides an alternative to native tools like osslsigncode on Linux and SignTool on Windows or the Mono development tools on Unix systems.
Integrate Jsign with Sign Manager Controller (SMCTL) for simplified signing. Alternatively, you can sign directly with Jsign and reference your private key stored in DigiCert® KeyLocker.
Use Jsign to sign and timestamp executable files for Windows, Microsoft installers (MSI), and Scripts (PowerShell, VBScript, JScript, WSF). For more information, refer to Files supported for signing.
Tip
Use Jsign version 4.1 or higher to sign files larger than 100MB. To avoid errors when signing large files, use osslsigncode instead of jsign.
The installation command differs based on your operating system:
Operating systems use the environment variable called PATH to determine where executable files are stored on your system. Use the PATH environment variable to store the file path to your signing tools to ensure that the CLI can reference these signing tools.
You can set the PATH environment variable to jsign using command line.
Jsign uses a configuration file to integrate with DigiCert® KeyLocker PKCS11 library.
Follow these instructions to download DigiCert® KeyLocker PKCS11 library and create the configuration file.
You can sign with Jsign directly or via DigiCert's signing tools integrated with Jsign: