it may be necessary to convert the *.pem files with openssl. if that's true, look up the manpage of openssl.
then proceed by creating a keystore with the
keytool
command that comes with java, IIRCafter creating the keystore sign the aforementioned jar-file with the command
jarsigner
check if everything worked as expected by inspecting the contents of the signed jar-file via:
jar -xvf $jar-file; cd META-INF; cat MANIFEST* *.RSA *.SF
or alternatively viajarsigner -verbose -verify -certs $path/to/jar-file
huh, that was step-by-step, but quite terse. but it should get you going (in the right direction...)