macOS
brew install jsignlocal Homebrew formula metadata
brew
Tool for signing Windows executable files, installers and scripts. Version 7.4 via Homebrew; verified 2026-06-11.
install
brew install jsignlocal Homebrew formula metadata
nix profile install nixpkgs#jsignnixpkgs package indexes · pkgs/by-name/js/jsign/package.nix · source: api.github.com
scoop install main/jsignScoop official bucket manifest trees · bucket/jsign.json · source: api.github.com
overview
Tool for signing Windows executable files, installers and scripts
history
Jsign is a Java implementation of Microsoft Authenticode signing for Windows executables, installers, packages, scripts, and related file formats. Its niche is cross-platform code signing: Linux and macOS build machines can sign Windows artifacts without depending on Microsoft's `signtool` on Windows.
The project presents itself as a platform-independent alternative to native Windows signing tools and Mono development tools. The upstream README emphasizes signing executable wrappers and installers produced by NSIS, msitools, install4j, exe4j, and launch4j, then expands into build-system tasks and a Java library.
Jsign's release history shows steady expansion from Authenticode file signing into modern signing operations. Version 4.1 in May 2022 added SSL.com eSigner integration and improved key/password handling; 5.0 in June 2023 integrated AWS KMS; 6.0 in January 2024 added APPX/MSIX and Dynamics 365 package signing; 7.0 in January 2025 added Azure Trusted Signing, Oracle Cloud, GaraSign, HashiCorp Vault Transit, Keyfactor SignServer, NuGet package signing, signature extraction/removal, and verbosity controls.
Jsign gained practical adoption among teams that build Windows deliverables outside Windows, or that need hardware-token and cloud-KMS signing in CI. Vendor documentation from code-signing providers documents Jsign workflows, reflecting its use as an interoperable third-party signing client rather than only an upstream developer utility.
Common usage is to run the `jsign` CLI with a keystore, alias, password or external signing service, and one or more files to sign or timestamp. The same functionality is exposed through Maven, Gradle, Ant, GitHub Actions, and Java APIs for build pipelines that need repeatable signing steps.
Jsign matters to package people because it turns Authenticode signing into a portable build dependency. That is especially useful for reproducible or cross-platform packaging systems where Windows artifacts are produced on non-Windows infrastructure and private keys live in hardware tokens, PKCS#11 modules, or cloud KMS services.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
jsign | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/ebourg/jsign
install metadata
| Package key | brew:jsign |
|---|---|
| Version | 7.4 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/jsign |
| Homepage | https://ebourg.github.io/jsign/ |
| Repository | https://github.com/ebourg/jsign |
| Upstream docs | https://ebourg.github.io/jsign |
| License | Apache-2.0 |
| Source archive | https://github.com/ebourg/jsign/archive/refs/tags/7.4.tar.gz |
| Last updated | 2026-06-11T20:40:15-04:00 |
| Pulse | updated |
| Dependencies | openjdk@21 |
| Build dependencies | maven |
| Bottle | available (on all) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | jsign |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
jsign
nix profile install nixpkgs#jsignmain/jsign
scoop install main/jsignsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.