JabRef installation Windows 10 security warning

When trying to install JabRef (tested versions 4.8-5.3) on Windows 10, I am getting the following security warning:

" Open File - Security Warning
The publisher could not be verified. Are you sure you want to run this software?
Publisher: Unknown Publisher
Type: Windows Installer-packacge
From: C:\Users<user name>\Downloads

This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers you trust. How can I decide what software to run? "

Unfortunately, my system administrator does not let me install apps without a valid signature. Are there also versions with a signature? My current workaround is to just use the portable versions.

Thanks for any help!

Hi,

yes this is a known problem and painful for Open Source. To make it short, we would need an expensive certificate (several hundred euros per year) to be able to sign the installer/exe.
Even as a non-profit organization (previously just individual developers) we solely rely on donations, and we decided not to spend the money for this, but rather use it to improve JabRef.

In the meantime use the portable version or maybe you can convince your administrator to roll out JabRef globally?

Best regards
Christoph

1 Like

Hi Christoph,

Thank you for your response! I am sure that the money is better spent elsewhere, I was just curios if there was a good workaround.

Maybe for future reference, I found it useful to use Scoop to install the portable version. It helps with version control and migrating settings.

Best regards,
Sebastian

1 Like

Decided as well to install JabRef via scoop:
Scoop - Apps (jabref)

You need first to execute:

scoop bucket add extras

as it seems JabRef is not in the standard/default channel/bucket. Then execute:

scoop install jabref

Iā€™d recommend showing this alternative installation on the website.

2 Likes