Following our recent article giving an overview of Android signing, here is the process for actually signing your Android application using a self-signed certificate. This is the procedure for release-mode signing; after following it, you can publish your application directly on Android Market. You will need a key, which you can either obtain from a certification authority like VeriSign for a fee or create yourself as a self-signed key at no cost.
To create a self-signed key using KEYTOOL, you need to have the JDK installed. Both the KEYTOOL and JARSIGNER tools are bundled with the JDK. The KEYTOOL options are:
-genkey – Generates a key pair
-v – Enables verbose output
-keystore <name-of-keystore>.keystore – Creates a new Keystore
-alias <name-of-alias> – Creates an alias for the key
-keyalg <name-of-algorithm> – Specifies the algorithm used to generate the key pair. Ex: RSA, DSA
-validity <no-of-days> – Specifies the validity in days (As a standard, keep it more than 10,000)
-storepass <password> – Specifies the keystore password
-keypass <password> – Specifies the key password
-dname <name> – Specifies the distinguished name of the creator of the key
Here is the command you should run to create a key.
> keytool -genkey -v -keystore mykeystore.keystore -alias aliasname -keyalg RSA -validity 10000
For security reasons, you don't specify -storepass and -keypass on the command line. The KEYTOOL application will prompt you for the keystore password and the key password. It will also ask for other details like your name, organisation and address (CN, OU, O, L, ST etc). If the command runs without errors, a new keystore will be created as mykeystore.keystore.
Now to sign your unsigned APK using this key, use the JARSIGNER tool.
-keystore <name-of-keystore>.keystore – Specifies the name of the keystore containing your private key
-verbose – Enables verbose output
-storepass <password> – Specifies the password for the keystore
-keypass <password> – Specifies the password for the private key
Here is the command to run to sign your application APK:
> jarsigner -verbose -keystore mykeystore.keystore myapplication.apk aliasname
myapplication.apk is the name of your APK file and aliasname is the alias of the key you created. Don't specify the -keypass and -storepass options; JARSIGNER will prompt you for the passwords instead. Enter the passwords correctly, and your signing process is complete. You can now publish your application on the Android Market.
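As an added example (not part of the original article), the Python sketch below checks that an APK carries the files JARSIGNER writes into META-INF/ for a given alias and flags entries that are missing from the manifest, such as files added after signing. It assumes the default signature file naming (no -sigfile option); the function names and the sample archive are constructed for illustration.

```python
import io
import zipfile

BLOCK_EXTS = (".RSA", ".DSA", ".EC")  # signature block file, by key type

def sig_basename(alias):
    """Default jarsigner base name: first 8 alias chars, upper-cased, others -> '_'."""
    return "".join(c if c.isascii() and (c.isalnum() or c in "_-") else "_"
                   for c in alias[:8]).upper()

def manifest_names(text):
    """Entry names from the 'Name:' sections of MANIFEST.MF."""
    # Long lines are wrapped; a continuation line starts with one space.
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    return {ln[6:] for ln in unfolded.split("\n") if ln.startswith("Name: ")}

def check_apk(apk_bytes, alias):
    """Structural check only (no digest or signature verified); skips META-INF/."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        files = [n for n in zf.namelist() if not n.endswith("/")]
        meta = {n.upper(): n for n in files if n.upper().startswith("META-INF/")}
        mf = meta.get("META-INF/MANIFEST.MF")
        listed = manifest_names(zf.read(mf).decode("utf-8")) if mf else set()
    base = "META-INF/" + sig_basename(alias)
    return {
        "manifest": mf is not None,
        "sf": base + ".SF" in meta,
        "block": any(base + ext in meta for ext in BLOCK_EXTS),
        "unlisted": sorted(n for n in files if n.upper() not in meta
                           and n not in listed),
    }

def build_sample(extra=()):
    """Constructed stand-in for a signed APK; all contents are placeholders."""
    entries = ["AndroidManifest.xml", "classes.dex"]
    mf = "Manifest-Version: 1.0\r\n\r\n" + "".join(
        f"Name: {n}\r\nSHA1-Digest: placeholder\r\n\r\n" for n in entries)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in entries + list(extra):
            zf.writestr(n, b"constructed")
        zf.writestr("META-INF/MANIFEST.MF", mf)
        for sig in ("META-INF/ALIASNAM.SF", "META-INF/ALIASNAM.RSA"):
            zf.writestr(sig, b"placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for extra in ((), ("assets/added-later.bin",)):
        print(check_apk(build_sample(extra), "aliasname"))
```

This only inspects the archive layout; the cryptographic check of the digests and signature is done by running jarsigner -verify on the signed APK.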
This post is part of the series: Programmers Guide: Signing Google Android Applications
- What Signing Means if You Are a Google Android Application Developer
- How To Sign Your Android Applications