I was just looking at the keytool and jarsigner man pages, and the instructions don't look too bad, as long as you're already reasonably familiar with the mechanics of x509 public key crypto, which isn't usually something that can be understood quickly, at least not with the documentation I've seen.

If someone would like to provide me a jar file to sign, I'm sure I could do it fairly quickly. I already have a CA set up for other things, and I should be able to use that as a backend for signing the applet.

What would jWebEmplode need as far as permissions? Read access from the local drive, obviously. Anything else?