There is a list of jar files, that I want to know if they are digitally signed, they are on a windows machine. I tried to right click on one of the jars, but couldn't see anything related to digital signature, is there a way from windows to detect if file is signed or not?
Regards,
If you have a JDK installed, you can run jarsigner -verify
from CMD or PS prompt, which will check the signature if it is present or tell you if it is absent, or just run jar tf file.jar META-INF
and look for filenames like $signer.SF; for a multiversion jar with lots of clutter in META-INF, either search positively for .SF files with a tool like findstr
(or -match
in PS) or negatively exclude all versions/ files.
If you mean with only Windows, a jar file is really a zip file with certain restrictions, and Explorer (since Vista IIRC) understands zip files. Change the extension from .jar to .zip, then 'open' the file as a folder and look in META-INF for $signer.SF file(s). But this is a manual process so you can't really drive it from a list in a file, if that's what you mean.