After signing a jar file with an existing signature, you may get an error like this:
jarsigner: java.lang.SecurityException: invalid SHA1 signature file digest
This is because you should first remove the old signature. To do this, they say to unzip the jar file and remove the META-INF directory and zip it back. Fortunately the zip command has an option for this.
zip -d "META-INF/*" yourFile.jar
Then use jarsigner to sign the file, this varies depending on your keystore format. Here’s an example:
jarsigner -keystore yourKeyStore.pfx -storetype PKCS12 yourFile.jar myAliasInKeystore