Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Sourcetree not signed

Werner Grünenfelder
Werner Grünenfelder
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 30, 2025

We received a message from our security department that sourcetree.exe

sha256: 7d8457f4d50715790c53fd8d647fd90e1d41e9b4c59bbb3e6164383a4c2b569a

is not signed by Atlassian and is therefore blocked. We would like to inquire why Atlassian doesn't sign the software and whether this can be corrected.

 

Best regards

Answer
Watch
Like Be the first to like this
893 views

2 answers

0 votes
Reetika Narula
Reetika Narula
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 29, 2025

Hi @Werner Grünenfelder ,

Thanks for reaching out and for providing the details.

I’ve checked the Sourcetree installer (version 3.4.26) and can confirm that it is digitally signed by Atlassian Pty Ltd. You can see this by right-clicking the installer, selecting Properties → Digital Signatures, and reviewing the signature information — it shows Atlassian Pty Ltd as the signer, using the sha1 digest algorithm.

The absence of a timestamp (“Not available”) can sometimes cause certain security tools to flag the file as unsigned, even though it is signed. This doesn’t mean the signature is invalid — just that the timestamp wasn’t embedded during signing.

If your security department needs additional assurance, they can verify the signature validity directly with Windows by:

Opening the file’s Properties → Digital Signatures tab.

Selecting the signature and clicking Details → View Certificate → Details → Verify.


Best regards,
Reetika

Reply
0 votes
Tinker Fadoua
Tinker Fadoua
Community Champion
October 8, 2025

Welcome to the Atlassian Community @Werner Grünenfelder !

I am requesting Atlassian's assistance since they are the only ones who can answer your question. The will get back to you within 2 business days.

Best,

Fadoua

Reply

Suggest an answer

Log in or Sign up to answer
Sourcetree
Sourcetree
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security