Hello haikong, if all you want is to sign a jar file then I can do it for u. U need to have a valid certificate from a certificate signing authority such as Thawte or Verisign if you want ur jar file to be loaded from browsers by any users on the web. Otherwise, if you are only going to redistribute the jar across private users then I guess a self-signed certificate should be fine.