How do I sign my Servoy plugins and beans?
Servoy has some tutorials on their wiki at: http://wiki.servoy.com/display/tutorials/JAR+signing. However, in this example, I'm going to show how to use a different certificate provider specifically for code signing purposes. For this, we will get a Code Signing Certificate from Comodo. They have been in the JRE by default since Windows 98, so you shouldn't have any problems with it. I use https://secure.ksoftware.net to purchase the certificate because they offer it as a reseller at a discount of $99 per year, or even cheaper if you buy a multi-year.
1. Open Firefox (yes, Firefox specifically), and navigate to https://secure.ksoftware.net/code_signing.html
2. Go through the order form entering your information. It will automatically generate the code signing request from your browser.
3. You will get an email from Comodo, and they will ask for information to confirm your identity for the SSL cert. For a business, your Articles of Inc or Business License will do. For an individual, you just need a driver's license or passport.
4. Once it has been validated, Comodo will send you a link to retrieve your cert. Again, use Firefox to retrieve the certificate (it will actually install it into your browser).
5. Next, export the cert to a PFX file. Instructions here: http://blog.ksoftware.net/2009/10/exporting-your-code-signing-certificate-to-a-pfx-file-from-firefox/ . The PFX file contains your Key and your Certificate all in one convenient file. You will be asked for a password when you export it. Remember what it is.
6. Double click on the exported file, and it will attempt to automatically install it into your keystore (where java saves your certs).
7. Now that it is in the keystore, we need to type in a java command to find out what the alias name of our cert is. Open up a Terminal (mac) or Command Window (Windows), and navigate to where your pfx file was exported. Then type this command:
keytool -list -storetype pkcs12 -keystore mycert.pfx -v
(replacing mycert.pfx with the name of your certificate)
At the top of the output, it will display the alias of your cert. For example, mine is: "itech professionals, inc.'s the usertrust network id". Copy that and save it somewhere.
8. Now (finally), let's sign a jar file. Again, we'll need the terminal to do this. If you have your cert and jar in the same folder, open up a Terminal or Command Window and navigate to that directory. Then run this command:
jarsigner -storetype pkcs12 -keystore mycert.pfx myapp.jar "aliasname"
(replacing mycert.pfx with the name of your cert, myapp.jar with the name of the jar to sign, and aliasname with the alias name of your cert from the previous step)
After you run the command, you will be prompted for a password. Enter the password that you used when you exported the key from Firefox.
That's it. The jar is signed and ready to be used.
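Steps 7 and 8 combined into one script, added here as an example (it is not part of the original tutorial). It reads the alias from the keytool listing, signs the jar, and then checks the result with jarsigner -verify, which the tutorial does not cover. The function names and the assumption that the PFX holds a single key entry are this example's own.

```shell
#!/bin/sh
# Added example: function names are this example's own, not Servoy's or Comodo's.

# Print the first alias found in `keytool -list -v` output read from stdin.
# Assumes the PFX holds a single key entry, as a Firefox export normally does.
alias_from_listing() {
    tr -d '\r' | sed -n 's/^Alias name: //p' | head -n 1
}

# Succeed only if `jarsigner -verify` output (stdin) reports a verified jar.
# An unsigned jar prints "jar is unsigned." and must not pass.
is_verified() {
    tr -d '\r' | grep -q '^jar verified'
}

# Usage: sign_and_verify mycert.pfx myapp.jar
# keytool and jarsigner each prompt for the PFX export password.
sign_and_verify() {
    pfx=$1
    jar=$2
    # -J-Duser.language=en keeps the tools' output in English so it can be parsed.
    alias_name=$(keytool -J-Duser.language=en -list -v \
        -storetype pkcs12 -keystore "$pfx" | alias_from_listing)
    if [ -z "$alias_name" ]; then
        echo "no alias found in $pfx" >&2
        return 1
    fi
    echo "signing $jar as: $alias_name"
    # Quote the alias: it may contain spaces, commas and apostrophes.
    jarsigner -storetype pkcs12 -keystore "$pfx" "$jar" "$alias_name" || return 1
    if jarsigner -J-Duser.language=en -verify "$jar" | is_verified; then
        echo "verified: $jar"
    else
        echo "verification FAILED: $jar" >&2
        return 1
    fi
}

# Run only when called with a keystore and a jar.
if [ "$#" -eq 2 ]; then
    sign_and_verify "$1" "$2"
fi
```

Save it as a script and run it with the PFX file and the jar as its two arguments, from the folder that contains both.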
Comments
Signing Tutorial
Nice job!
Why is it that the certificate is so expensive? Why any cost at all? Why do we have to pay a high yearly fee?
Just enquiring is all - I find it unsavoury that there needs to be signing at all and at a cost if it has to be.
Are all your plugins now signed?
Tom Parry
Thanks Tom. All of my plugins are signed now. There is a company that Patrick Talbot found that will give open source developers a free SSL cert. It's really not that expensive though. I bought the 5 year one, which amounts to about $75 per year. And that single SSL cert can be used by everyone that works for me and can sign an unlimited number of plugins/beans.