Code Signing for Java

Digitally Sign .jar Files and Java Apps


GlobalSign Code Signing Certificates for Java are used to sign .jar files and Java applications for desktop and mobile devices and are recognized by Java Runtime Environment (JRE).

Digitally signing your .jar files and Java applications protects your code against tampering and binds your identity to the code, assuring end users that the code originated with you and can be trusted.

Security warnings that typically appear when downloading unsigned code are removed

Why Sign Code?

Unsigned Code


Signed Code


Unsigned Java applications display warnings to the end user that the digital signature cannot be verified by a trusted source and advises they only continue with the install if they trust the origin of the application.

Scary security alerts are removed when the Java application is signed. End users can clearly see the publisher of the file and are informed that the digital signature has been verified by a trusted source.

Featured Benefits

Removes "Unknown Publisher" security warnings when code is downloaded
Signature does not expire due to timestamping service, even after the certificate expires
Sign an unlimited number of apps
Protect your brand and reputation
Choose the private key storage option that works best for you - a GlobalSign-provided cryptographic token, your own HSM, or Azure Key Vault

Standard Code Signing Certificates Extended Validation (EV) Code Signing Certificates
Certificate Features
Information displayed in Certificate Organization Name Organization Name
Organization address
Type of Organization
Removes "unknown publisher" security warnings icon-checkmark.png icon-checkmark.png
Signature does not expire when Time Stamping is applied Time stamping available and recommend Time stamping available and recommend
Sign an unlimited number of applications icon-checkmark.png icon-checkmark.png
Compatible with major platforms (Authenticode, Office VBA, Java, Adobe AIR, Mac OS, Mozilla) icon-checkmark.png icon-checkmark.png
Key storage options - Cryptographic USB token (included)^
- HSM*
- Azure Key Vault
- Cryptographic USB token (included)^
- HSM*
- Azure Key Vault
Immediate reputation with Microsoft SmartScreen No icon-checkmark.png
1 year - -
2 year - -
3 year - -
Buy Now Buy Now
Learn More

*GlobalSign allows standard and EV Code Signing Certificates to be installed on customer HSMs or in Azure Key Vault. Contact us for more information about these deployment options.
^USB token not included in HSM or Key Vault deployments.