A good general book, not specific to
Java, is Practical Cryptography by Schneier and Ferguson. For Java example, you can probably google to find numerous ones. If you'd like, I get post refs a little later.
You'll need to understand the concepts behind public key cryptography. Sometimes people are a little loose with their terminology, so I think you may be using the term certificate incorrectly. Basically, a user who will perform signing operations needs a key pair: a private key and public key. These are creating simultaneously and are mathematically related. The public key is what is contained in the certificate. The private key is securely kept by the user. The certificate is made available to all; in some protocols it is actually sent along with every signed message.
The private key is what is used in signing. The public key is used to verify signatures. In high security environments, the private key is kept in secure hardware. In normal software environments, the private key is kept in an password-encrypted file. An example of such a file is a PKCS#12 format file. This is the kind of file that is produced by IE and Firefox when you ask them to export your private key (internally, they are stored in proprietary formats). You could do something equivalent in your database by storing the password-encrypted private key object as a BLOB. When a user wants to sign a document, retrieve the BLOB, ask the user for their password, decrypt the BLOB, and sign the document. Obviously, good secure programming practices need to be followed in the handling of the password and decrypted private key.
At some point, you might ask: is there an easier way? Sure, use a higher-level package for message security. You can find commercial and freeware packages that implement various capabilities. For example, the Cryptix PGP provider supports the OpenPGP standard, and Bouncycastle and IAIK support many different standards including PGP and CMS. If it was me, I'd try to buy a solution from someone like PGP.com.