You get this error "Extended key usage does not permit use for code signing" because you signed the
custom-truststore.jar in step 6 with a certificate which is not enabled for code signing .
You need to request a certificate from your certificate authority which is enabled for code signing and server identification.
In some cases the CA does not issue any certificate's which are enabled for code signing and server identification in one certificate.
In that scenario you need to request a seperate certificate for code signing and use this one to sign the custom-truststore.jar in step 6.