- The SSL.com eSigner service has been integrated
- The Ant task can now sign multiple files by defining a fileset (contributed by Kyle Berezin)
- The type of the keystore is now automatically detected from the file header
- The
storepassandkeypassparameters can now be read from a file or from an environment variable - The execution of the Maven plugin can now be skipped (with the
<skip>configuration element, or thejsign.skipproperty) - Fixed the "Map failed" OutOfMemoryError when signing large MSI files
- Certificates using an elliptic-curve key are now supported
- The default timestamping authority is now Sectigo instead of Comodo
- The signed file is now properly closed after attaching or detaching a signature (contributed by Mark Thomas)
- A detached signature added to a PE file whose length isn't a multiple of 8 is no longer invalid
- Fixed an error when signing with a Yubikey on Windows with a 32-bit JRE
- The PKCS#11 slot of the Yubikey is now automatically detected
- Upgraded BouncyCastle to 1.71