Signs jar or zip files with the javasign command line tool. The tool detailed dependency checking: files are only signed if they are not signed. The signjar attribute can point to the file to generate; if this file exists then its modification date is used as a cue as to whether to resign any JAR file.


Attribute Description Required
jar the jar file to sign Yes, unless nested filesets have been used.
alias the alias to sign under Yes.
storepass password for keystore integrity. Yes.
keystore keystore location No
storetype keystore type No
keypass password for private key (if different) No
sigfile name of .SF/.DSA file No
signedjar name of signed JAR file No
verbose (true | false) verbose output when signing No; default false
internalsf (true | false) include the .SF file inside the signature block No; default false
sectionsonly (true | false) don't compute hash of entire manifest No; default false
lazy flag to control whether the presence of a signature file means a JAR is signed No; default false
maxmemory Specifies the maximum memory the jarsigner VM will use. Specified in the style of standard java memory specs (e.g. 128m = 128 MBytes) No

Parameters as nested elements

Attribute Description Required
fileset fileset of JAR files to sign. Will be ignored if the jar attribute of the task has been set. No


<signjar jar="${dist}/lib/ant.jar"
alias="apache-group" storepass="secret"/>

signs the ant.jar with alias "apache-group" accessing the keystore and private key via "secret" password.

Source: Apache Ant