A few questions about signing JARs for Web start

I'm still a bit new to all this, so just want to clear a few things up.

I'm currently trying to publish an application using Web start, so i know I have to sign all the JARs, as it needs to do some writing to the hard drive.

1. I have my main JAR file, and then two "third party" JAR files in the /lib subfolder, I take it I need to sign those two as well, does it matter that I don't have the .class file for those two, as I didn't write them?

2. I'm running the JARSIGNER program with exactly the same command line apart from the filename of the .jar file, is that correct? or do I need a different certificate for each .jar file?

Just can't seem to get all three signed, Web start says one different one isn't signed each time I try it out.

3. When signing, does it add something to the end of the JAR file itself? as I can't see any extra files created.

[902 byte] By [forgeuka] at [2007-11-27 5:41:41]