I've appended this target at the end of the enterprise application's build.xml:
<target name="post-dist" description="Sign JAR file">
<apply executable="sign.bat" type="file"
resolveexecutable="true" failonerror="true" ignoremissing="false">
<fileset dir="./dist" includes="*.ear"/>
<srcfile/>
</apply>
</target>
sign.bat:
jarsigner -keystore <keystore-path> -storetype <storetype> -storepass <keystorepass> -keypass <privatekeypass> %1 <alias>
Ant will insert the EAR filename to %1.
You'll have to create a keystore, which contains a certificate and private key. You can create a fake one, as I know, but I use a real certificate-key pair.
[Message sent by forum member 'mbazs' (mbazs)]
http://forums.java.net/jive/thread.jspa?messageID=220760