tycho & jar signing

You can see a working example in the Mylyn-Mantis connector pom.xml. I have a special profile for signing:

    <profile>
        <id>sign</id>
        <activation>
            <property>
                <name>jarsigner.alias</name>
            </property>
        </activation>
        <build>
            <plugins>
                <plugin>
                    <groupId>org.apache.maven.plugins</groupId>
                    <artifactId>maven-jarsigner-plugin</artifactId>
                    <version>1.2</version>
                    <executions>
                        <execution>
                            <id>sign</id>
                            <goals>
                                <goal>sign</goal>
                            </goals>
                        </execution>
                    </executions>
                </plugin>
            </plugins>
        </build>
    </profile>

Typically I invoke the sign command as `mvn clean package -Djarsigner.alias=... -Djarsigner.storepass=... -Djarsigner.keypass=...`.

You also need to have a code signing certificate, which you will import using `keytool -trustcacerts -importcert -file $CERTIFICATE -alias $ALIAS -keystore keystore.jks`.
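
As an added example (not part of the original answer or of the Mylyn-Mantis pom.xml), the same profile can be extended with a second execution of the plugin's `verify` goal, so the build checks the signatures it has just produced. The execution id `verify` and the `verbose`/`certs` settings are choices made for this example.

```xml
<profile>
    <id>sign</id>
    <activation>
        <property>
            <name>jarsigner.alias</name>
        </property>
    </activation>
    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-jarsigner-plugin</artifactId>
                <version>1.2</version>
                <executions>
                    <!-- Unchanged from the profile above: signs the jar in the package phase. -->
                    <execution>
                        <id>sign</id>
                        <goals>
                            <goal>sign</goal>
                        </goals>
                    </execution>
                    <!-- Added for this example: runs jarsigner -verify on the signed jar.
                         The goal binds to the verify phase by default. -->
                    <execution>
                        <id>verify</id>
                        <goals>
                            <goal>verify</goal>
                        </goals>
                        <configuration>
                            <!-- Print per-entry detail and the signer certificate
                                 so the build log records which certificate was used. -->
                            <verbose>true</verbose>
                            <certs>true</certs>
                        </configuration>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>
</profile>
```

Because the `verify` goal runs in the `verify` phase, the build has to be invoked with `mvn clean verify` (with the same `-Djarsigner.*` properties) instead of `mvn clean package` for the check to execute.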