Versions:
osslsigncode is a lightweight, cross-platform command-line utility that enables developers and system administrators to apply Authenticode digital signatures to Windows PE executables, MSI installers, Java CAB archives and other supported formats without relying on Microsoft’s proprietary signtool.exe. Written and maintained by Michał Trojnara, the program leverages the widely audited OpenSSL cryptographic library to timestamp, sign and verify binaries on Linux, macOS or Windows build machines, making it especially valuable for CI/CD pipelines that run on non-Windows runners. Typical use cases include signing nightly builds, releasing open-source Windows utilities, adding trust anchors to internal enterprise tools, and re-signing third-party drivers after modification. Because the tool reads standard PKCS#12, PEM and SPC/KDB certificate stores, it integrates readily with hardware security modules, cloud key vaults and certificate authorities that expose OpenSSL-compatible interfaces. The current stable release 2.13, distributed under the GPL, refines support for RFC 3161 timestamp servers, improves memory safety on large MSI files and provides clearer diagnostics when revocation information is missing; four earlier versions (numbered 1.7 through 2.12) remain available for regression testing or legacy build environments. osslsigncode belongs to the “Developer Tools / Code Signing” software category and is available for free on get.nero.com, where downloads are delivered through trusted Windows package sources such as winget, always supplying the latest version and supporting batch installation of multiple applications.
Tags: