To signed the jar or exe of your application you need to purchase Signing Certificates from any of providers. Signing Certificates are issued by Internet organizations called Certificate Authority. There are many such organizations, i.e. : verisign, comodo.
These providers send you pvk and spc file for signing files. You can use SignTool, SignCode and JarSigner utility to signed data.
Steps for Signed :
Convert the pvk and spc files to pfx format.
pvk2pfx -pvk lmenaria.pvk -pi [Password1] -spc lmenaria.spc -pfx lmenaria.pfx -po [Password2] -f
1. Now Signed the Exe file using SignTool.exe:
signtool.exe sign /f lmenaria.pfx /p [Password] /v /t http://timestamp.comodoca.com/authenticode MyApplication.exe
2. Now Verify the Exe with ChkTrust.exe:
chktrust.exe /q /v MyApplication.exe
If you want to Sign the jar then you need to use JarSigner Utility:
Sigining : jarsigner -storetype pkcs12 -keystore lmenaria.pfx -storepass []Password] MyApplication.jar