Vivek Viswanathan
Vivek Viswanathan Staff Engineer at Compass. Passionate about building software that pushes hardware to its limits!!

Signing an Android Apk

Signing an Android Apk

Why Sign the Apk?

Android requires all Apk files to be signed with certificate of the owning body (developer or company) before it can be installed. Signing ensures that apk is generated by the person who claims to be the author of the game.

How to Sign the Apk?

Step-1: Generate a keystore

  • Use the keytool utility to generate the keystore. Below are the steps:

Usage: keytool -genkey -v -keystore [keystore file path] -alias [alias_name] -keyalg RSA -keysize 2048 -validity [in days]

> keytool -genkey -v -keystore C:\temp\gamedev -alias gamedev -keyalg RSA -keysize 2048 -validity 9999

Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: XYZ
What is the name of your organizational unit?
[Unknown]: XYZ // [Firm's Department Name]
What is the name of your organization?
[Unknown]: ABC // [Firm's Name]
What is the name of your City or Locality?
[Unknown]: Hyderabad // [City Name]
What is the name of your State or Province?
[Unknown]: AP // [State]
What is the two-letter country code for this unit?
[Unknown]: 91 // [Country code]

Is CN=XYZ, OU=XYZ, O=ABC, L=Hyderabad, ST=AP, C=91 correct?
[no]: Y

Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 10,000 days
for: CN=XYZ, OU=XYZ, O=ABC, L=Hyderabad, ST=AP, C=91
Enter key password for <index> (RETURN if same as keystore password):
Re-enter new password:

And now, you have the keystore created representing the information provided.

Step-2: Zip align the apk file

Zip aligning the apk file makes sure all the artifacts of the apk file such as images and other files to start from a 4 byte boundary. This helps in optimized use of RAM in android as individual resources can now be accessed using the mmap() function (refer: https://developer.android.com/studio/command-line/zipalign). Zipalign using the below command:

> "C:\....\Android-SDK\sdk\build-tools\26.0.2\zipalign.exe" -f 4 app-release-unsigned.apk app-release.apk

Step-3: Sign the Apk

Now, we can use the keystore generated in step#1 to sign the apk.

> "C:\...\Android-SDK\sdk\build-tools\26.0.2\apksigner.bat" sign --ks "C:\...\gamedev.keystore" app-release.apk

The apk is now ready to be uploaded using the google play console.

comments powered by Disqus