Code Signing Help

Java Code Signing

Download the Digital Certificate From Control Center

You will receive an email from SecureTrust™ with the certificate attached to the email. The filename will be similar to YourCompanyName.cer. Copy this file to your code signing computer and place it in the directory where you will keep your code signing certificates.

To install your certificate, run the following command:

You will receive a message stating, "Certificate reply was installed in keystore". If you are asked to trust the certificate, type yes. Your code signing certificate has been installed and is ready to use.

Best practices for code signing

The most important thing for you to do when signing your code is to use the SecureTrust timestamping service ( to place a timestamp on the certificate signature. The use of a timestamp from SecureTrust when signing your code with the SecureTrust certificate will allow your code to continue to be trusted after that certificate expires.

Signing Java .jar files with Jarsigner

To sign your file, run the following command:

To verify that the .jar file was signed successfully, run the following command:

If your code was properly signed, you will see the following line in your output: