Skip to content

Downloading the sedex Client installer

Download one of the sedex Client installer programs from the Downloads section.

  • For Windows systems, the Windows installer program (EXE) is recommended.
  • For all other systems, the JAR installer program must be used.

How to verify the sedex Client installer

1. Ensure that the checksum is correct

The checksum is used to ensure that the file was not corrupted during download. You should compare the checksum of the received file with the value provided by sedex to ensure that the received file is complete and unchanged.

On Windows systems

Open a Windows Powershell and enter the following command to calculate the Sha256 hash: 

Get-FileHash sedex-client-7.0.4.exe

On Linux system

Enter the following command to calculate the Sha256 hash: 

sha256sum ./sedex-client-7.0.4.jar

2. Verify the publisher

The exe and jar installation program is digitally signed by the publisher "Bundesamt für Informatik und Telekommunikation". To check that the file originates from sedex and has not been altered, the signature can be checked as follows

EXE file / Windows systems

One way to check the authenticity and integrity of the sedex client installer under Windows is to simply run the file. Windows will automatically check the digitally signed file and allow the origin to be displayed based on the signing certificate.

Make sure that the verified publisher is "Bundesamt für Informatik und Telekommunikation"

If you display the details, the certificate must be issued to "CN=Bundesamt für Informatik und Telekommunikation, O=Bundesamt für Informatik und Telekommunikation, L=Zollikofen, C=CH" and the issuer of the certificate must be "DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1".

User Account Control

Publisher Certificate

JAR file / all systems

One way to check the authenticity and integrity of the sedex client installer in jar format is to explicitly verify the signing certificate using the java jarsigner:

Where do I find jarsigner?

As the Jarsigner tool is not included in the commonly used Java Runtime Environment (JRE), the Java Development Kit (JDK) must be installed in order to use it. A suitable JDK is Eclipse Temurin from Adoptium. 

jarsigner -verify -strict -verbose -certs sedex-client-7.0.4.jar

Make sure that there are no verification errors and that the certificate subject for all files in the jar is "CN=Bundesamt für Informatik und Telekommunikation, O=Bundesamt für Informatik und Telekommunikation, L=Zollikofen, C=CH".

- Signed by "CN=Bundesamt für Informatik und Telekommunikation, O=Bundesamt für Informatik und Telekommunikation, L=Zollikofen, C=CH"
    Digest algorithm: SHA-256
    Signature algorithm: SHA256withRSA, 3072-bit key
  Timestamped by "CN=DigiCert Timestamp 2023, O="DigiCert, Inc.", C=US" on Fri Oct 13 11:35:54 UTC 2023
    Timestamp digest algorithm: SHA-256
    Timestamp signature algorithm: SHA256withRSA, 4096-bit key

jar verified.

The signer certificate will expire on 2024-09-04.
The timestamp will expire on 2031-11-10.