Signing an APK from a cordova android release build

If you’re like me and you use the CLI for almost all tasks then this will help you sign your APK’s for publishing to Google Play.

Step 1 – Build the release APK

You’ll need to get cordova to build an APK file for release.

cordova build android –release

This will typically dump an APK file to projectRoot/platforms/android/build/outputs/apk/SOMETHING.apk

Step 2 – Create a Keystore

You’ll need to install Java in order to access the binary called keytool. This binary will produce the keystore files you’ll need for signing the APK.

keytool -genkey -v -keystore <KEYSTORE FILENAME> -alias <KEYSTORE ALIAS> -keyalg RSA -keysize 2048 -validity 10000

The KEYSTORE FILENAME is the output file the keystore data will be saved to. The KEYSTORE ALIAS is a simple alias we’ll use later in the process to identify which key to use within the keystore.

Step 3 – Sign the JAR file

Here we’ll use jarsigner to create an preliminary APK file.

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore <PATH TO KEYSTORE FILE> <PATH TO CORDOVA BUILT APK> <KEYSTORE ALIAS>

The jarsigner will take the keystore, the cordova built APK and the keystore alias and create an APK that needs to be zipaligned.

Step 4 – ZIPAlign the file

Now we simply call zipalign to finish the job.

zipalign -v 4 <PATH TO CORDOVA BUILT APK> <FINISHED APK FILENAME>

The FINISHED APK FILENAME can be anything you wish. This file can then be uploaded to Google Play :)

Posted in Android Tagged with: , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>