Java PDF Blog

How to create your own test certificates and keys for signing PDF files

From a practical point of view you need one of two sorts of file in order to sign something: either a keystore file or a .pfx file. A keystore file is basically a file representing an associative array. The keystore needs the equivalent of a username and password so you can open it. Each element of the map points to a list of certificates (a certificate chain). The keys for the elements are called aliases; each alias is a string, and each also has a password.

A keystore file can be created fairly easily with the keytool software that comes with a Java installation. Open up whatever Java folder you have (I’m using Windows, so it’s in Program Files/Java) and look in either a JRE or JDK folder and you should find a keytool.exe. To generate a keystore, open a console window and type in something like:

keytool -genkey -alias myAlias -keyalg RSA -keystore \path\keystoreName

This generates a keystore called keystoreName using myAlias to identify it and encrypt it with RSA. You’ll then get a bunch of questions to fill in, starting with the password for the keystore as a whole. The last thing it asks for is a password for the entry with the certificate chain; that mapping has the same alias as the one specified to identify the keystore as a whole, just to keep you on your toes!

You can also generate a certificate if you feel so inclined:

keytool -export -alias myAlias -file \path\somecert.cer -keystore \path\keystoreName

It will then ask for the keystore password and create a certificate called somecert.cer. If you like, you can double-click on the certificate in Windows and it will ask to install it to your trusted certificates.
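To check that the keystore is actually usable for signing before pointing a PDF library at it, here is an added example (not code from the original post) that opens the keystore, reads the entry under the alias and does a sign-and-verify round trip. It assumes Java 11 or later and an RSA key as generated above; the class name CheckKeystore and the sample bytes are made up for illustration.

```java
import java.io.Console;
import java.io.File;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

// Added example. Usage: java CheckKeystore.java \path\keystoreName myAlias
public class CheckKeystore {
    public static void main(String[] args) throws Exception {
        Console con = System.console();
        if (args.length != 2 || con == null) {
            System.err.println("usage (from a console): CheckKeystore <keystore> <alias>");
            return;
        }
        char[] storePass = con.readPassword("Keystore password: ");
        // Java 9+: detects JKS or PKCS12 and verifies the store's integrity.
        KeyStore ks = KeyStore.getInstance(new File(args[0]), storePass);
        if (!ks.isKeyEntry(args[1])) {
            System.err.println("No private-key entry under alias " + args[1]);
            return;
        }
        // Entry password; with PKCS12 keystores keytool sets it to the keystore password.
        char[] keyPass = con.readPassword("Password for entry %s (Enter = same): ", args[1]);
        if (keyPass.length == 0) keyPass = storePass;
        PrivateKey key = (PrivateKey) ks.getKey(args[1], keyPass);
        Certificate[] chain = ks.getCertificateChain(args[1]);
        X509Certificate cert = (X509Certificate) chain[0];
        System.out.println("Chain length: " + chain.length);
        System.out.println("Subject:      " + cert.getSubjectX500Principal());
        System.out.println("Valid until:  " + cert.getNotAfter());
        cert.checkValidity();                 // throws if expired or not yet valid
        boolean selfSigned = cert.getSubjectX500Principal().equals(cert.getIssuerX500Principal());
        System.out.println("Self-signed:  " + selfSigned + " (expected for a test certificate)");

        // Round trip: sign constructed sample bytes, verify with the certificate's public key.
        byte[] sample = "constructed sample data".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(key);
        signer.update(sample);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(cert.getPublicKey());
        verifier.update(sample);
        System.out.println("Signature verifies: " + verifier.verify(sig));
    }
}
```

The passwords are read from the console rather than taken as arguments, so they do not end up in shell history or the process list.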

If you have a finite life span you may want to generate a .pfx file instead. In Windows, open a console window, cd to somewhere sensible and type:

cipher /r:whateveryoulike

Enter a password and you have a certificate (whateveryoulike.cer) and a .pfx file (whateveryoulike.pfx). Ta-da!