How to sign our APK files to be published in the Google Play Store

Hello to all,

** Read this message below, because App Builder incorporates now visual tools to do this! **

This thread want to explain how to sign our APK files in order to be published in the Google Play Store. This post is based in the official Google documentation and uses the appropiate keytool and jarsigner programs, included by the Java JDK installation, as well the zipalign program, included by the Android SDK installation.

Step 1/4 - Prepare our release APK file

App Builder can creates three BAT files to prepare our application to be build with Apache Cordova. This three BATH files are "cordova_android_debug.bat", "cordova_android_run.bat" and "cordova_android_release.bat" file.

We normally use the first one or the second one in order to try our application's APK in our Android device, but, when we are ready to publish our application, we must use the third BAT file, in order to get an APK (yet unsigned) ready to be upload to the Google Play Store.

Once we execute the "cordova_android_release.bat" file we get our APK in the directory "MyApp_Compiled\platforms\android\build\outputs\apk\".

Step 2/4 - Prepare our "keys"

In order to sign our APK file, we need to create a couple of public/private keys for our own use. This step must be made at least one time, that is, once we prepare our "keys" file, we can use such file to sign various APK files.

We use the "keytool" to create our keys. The "keytool" is included by the Java JDK, something we have already installed (because it's required to installing Apache Cordova). The command we must use is the below one:

The above command creates our keys in the file "D:\MyKeys.keystore". Of course you can specify another path and file name. However, take care about such path, because we use later when sign the APK files. Also, you must replace this information with your own one:

Common Name = Your name, for example, David Esperalta
Organization Unit = Your organization unit, for example, AndroidSoft
Organization Name = Your organization name, for example, David Esperalta Soft
Locality Name = Your locality name, for example, Madrid
State Name = Your state name, for example, Madrid
Country 2 Digit Code = Your country 2 digit code, for example, ES (for Spain)

Note we need to replace the "MyAlias" too. Just choose an alias to be used later when sign our APK files. You also need to replace the "MyPassword" in the above command with your own password. I think we can use (for simplicity) the same password for both "keypass" and "storepass". Later we need to use this password when sign our APK files, so remember it.

If the above command is well executed, then the "D:\MyKeys.keystore" is created, and we can use in the below step.

Step 3/4 - Sign our APKs

Once we have created our "keys" we can use it in order to sign our APKs. This is does using the "jarsigner" tool, which is also included with the Java JDK installation. The command we can use is the below one:

The above command finally sign our APK file. Note we specify "MyPassword" in both "storepass" and "keypass". This password must be the same that we used above in the step 2. Also we use "MyAlias", that, again, must be the same we used above in the step 2.

On the other hand, as you can see, we specify in the above command the path for our "MyKeys.keystore" file and of course the path of our unsigned "MyApp.apk" file. Of course you must replace this paths by your own ones.

And that's all! Finally we can check (optionally) if our APK file has been correctly signed by this command:

Note we specify the path for our APK file.

Step 4/4 - "Align" our APK file

I am not completely sure if this step is really needed. Anyway, apparently we can use the "zipalign" tool (this time included by the Android SDK installation) in order to "provides important optimization to Android application (.apk) files.", as we can read here in the official documentation.

Anyway, using the "zipalign" tool is not too much complicated, just the below command:

As you can see, we indicate our signed APK file and must to provide an ouput file, different to the first one, in this case "MyApp_Aligned.apk", to save the aligned APK file. Is this final "D:\MyApp_Aligned.apk" the file that we must use to upload into our Google Play Store account, in order to publish our APK.

That's all! I hope this post can help to all. Fell free to post any question here.

Hi David,

Thanks for making this information more clearer.

Always thanks you Ade! :)

Hi David,

Step 4/4 is needed because it is use for rename our *apk file for example: android-release-unsigned.apk is always default name and I need to keep the signed *.apk file for internal test.

Therefore, I need to rename all my apk files for keep.

For unknown reason step 4/4 is not working for me.

Thanks

Hello,

Honestly I am not an expert in the "zipalign" tool so I am not sure if can help you... maybe a search in Google can provide you more effective help... anyway, you get some error message? This works for you in the past? Sorry if I can't tell you more right now...

Hello,

Honestly I am not an expert in the "zipalign" tool so I am not sure if can help you... maybe a search in Google can provide you more effective help... anyway, you get some error message? This works for you in the past? Sorry if I can't tell you more right now...

Hi David,

I got it working. The problem was I was using old zipaligh file and after I changed it then it started working as expected.

Thanks

David,This article was great tutorial
https://www.thepolyglotdeveloper.com/2014/09/signing-apache-cordova-android-app-release/
It say that we can sign with cordova command line and no use to manual zipalign tool.

Hello,

Thanks tin, I will take a look at that.

Hi there,
Thanks David for the detailed steps. We must be used to zipalign because we must be used to protecting our apps (we must learn how to Proguard or our app could be opened and code clearly read)

Hello,

Hi there,
Thanks David for the detailed steps. We must be used to zipalign because we must be used to protecting our apps (we must learn how to Proguard or our app could be opened and code clearly read)

Thanks for the information and the Proguard link Samuel! I want to take a look at that software.

Hello,

Thanks for the information and the Proguard link Samuel! I want to take a look at that software.

Hi David,

Have manage to test the Proguard?

I tested it the apk file builded with AB and it did not work.

Any feedback?

Hello to all!

To anyone who are interested in this thread, that is, how to sign our APK files, I want to inform that the latest release of App Builder incorporates a couple of new tools:

1º The APK Signer tool, which can be used to sign our released APK files in a visual way.

2º The Key Store tool, which can be used to create Key Store files (required to sign apps).

I really hope these news App Builder tools can be useful. Certainly we can continue using the command line, but now we have also a GUI alternative included in App Builder "out of the box".

Hi The Boss,

Good to see automated from AB :cool: instead of of Manual using windows command-line.

Good bye to black screen and no more question from my partner "what is that black screen running on your computer?" :lol: :lol: :lol:

Thanks David

Hello to all!

Hi The Boss,

Good to see automated from AB :cool: instead of of Manual using windows command-line.

Good bye to black screen and no more question from my partner "what is that black screen running on your computer?" :lol: :lol: :lol:

Thanks David

You're welcome Ade!

David,

So I am having a bit of a problem. I successfully compiled, built, signed, aligned and uploaded my apk to the android developer console.

It's even on the Play Store (Yay!). However, the client wanted a major change, so I changed it. Now when I try to upload the new version of the same app, I get the following error every single time:

I am not sure where to change this? I have read online this may have to do with AndroidManifest.xml, but I am not sure. I have read it needs to be incremented by some number, 1 or more.

How do we do this and can it be made more obvious within App Builder?

Here is a link to an answer I found online (but am not sure how to implement it in my situation using App Builder):

http://stackoverflow.com/questions/24772407/upload-failed-you-need-to-use-a-different-version-code-for-your-apk-because-you

Thanks David.

Mike

Hello Mike,

Yes; you have reason sir, we must increment the "version code" in the Android platform on every application deploy/upload to the Google Play store. We can do it from the app's options dialog as you can see in the below image:

PERFECT!

That did it. Awesome how great your software and support is. I will SWEAR by it and use it for all mobile and HTML5 programming.

Mike

Hello!

PERFECT!

That did it. Awesome how great your software and support is. I will SWEAR by it and use it for all mobile and HTML5 programming.

Mike

Thanks for your kindly words Mike, I appreciate it! :)

Hello to all,

From some recent Cordova's version it's possible to sign our Android applications by preparing certain JSON file ("build config") in which we can specify the appropiate information to sign our applications when debug and release it.

This message is to inform that App Builder incorporates now the right app's options in order to generate the refered JSON file, and use it from the generated BAT files. So we can now sign our applications in one step.

The specific Android tools that incorporates App Builder too still existing, because, for example, using that tools we can create the appropiate storekey file, something that we need to use it in the above options.

Hope this information are useful!

P.S. The same options are also available for the iOS platform: the right JSON file can be generated by App Builder now and used it in the generated SHELL files for UNIX.

Hi David,
Thanks for the information. I will stick to the old method. Because if I want to update my apk file on apps store I need the store key file.

Thanks

Hello to all,

Hi David,

Thanks for the information. I will stick to the old method. Because if I want to update my apk file on apps store I need the store key file.

Thanks

Maybe you did not understand the point, or maybe I did not explain it very well? With the Key Store tool already incorporated in App Builder, we can create Store key files and private keys. With that information (a store key path and a private key) we can use now the new options and the JSON config file. Then we no need to do anything else, because when debug, run or release our apps, they are automatically signed based on the JSON config file provided information.

Of course we can continue using the Android specific tools that AB incorporate (because, for example, we want to sign an specific APK file), but the new JSON config build file allows to sign our applications at the same time they are debug, run or release, then we save our time. :)