Best IT Recipes

How to sign an already assembled Apk

I decoded the APK with apktool (since the source code was lost), so I could fix some problems with the xml layout files. Then I restored it with apktool, and when I tried to install it on my device (using adb: adb install appname.apk), it gave me this error:

[INSTALL_PARSE_FAILED_NO_CERTIFICATES]

the original apk, however, was signed by the keystore (on the eclipse IDE), this is not, how can I correctly sign it using the original keystone file outside of Eclipse !?

+82
android apk android-install-apk
Jun 07 2018-12-12T00:
source share
6 answers

create a key using

 keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000

then sign apk using:

 jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name

check here for more information

+187
Jul 18 '14 at 21:14
source share

Automated Process:

Use this tool (uses the new apksigner from Google):

https://github.com/patrickfav/uber-apk-signer

Disclaimer: Im a developer :)

Manual process:

Step 1: Generate Keystore (only once)

You need to create a keystore once and use it to sign unsigned apk. Use the keytool provided by the JDK found in %JAVA_HOME%/bin/

 keytool -genkey -v -keystore my.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias app

Step 2 or 4: Zipalign

zipalign which is a tool provided by the Android SDK found in for example %ANDROID_HOME%/sdk/build-tools/24.0.2/ is a mandatory optimization step if you want to download apk to the Play Store.

 zipalign -p 4 my.apk my-aligned.apk

Note: when using the old jarsigner you need to run zipalign AFTER signing. When using the new apksigner method apksigner you do this before you sign up (confusing, I know). Calling zipalign before apksigner works fine , because apksigner preserves the alignment and compression of the APK (unlike jarsigner).

You can check the alignment with

 zipalign -c 4 my-aligned.apk

Step 3: Sign and Confirm

Using built-in tools 24.0.2 and later

Use jarsigner , which, like keytool, comes with the JDK distribution found in %JAVA_HOME%/bin/ and use it like this:

 jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my.keystore my-app.apk my_alias_name

and can be checked with

 jarsigner -verify -verbose my_application.apk

Using built-in tools 24.0.3 and newer

Android 7.0 introduces the APK v2 subscription scheme, a new application subscription scheme that offers faster application installation time and greater protection against unauthorized changes in the APK files (see here and here for more information). Therefore, Google introduced its own apk subscriber called apksigner (duh!) The script file can be found in %ANDROID_HOME%/sdk/build-tools/24.0.3/ (.jar is located in the /lib subfolder). Use it like this:

 apksigner sign --ks my.keystore my-app.apk --ks-key-alias alias_name

and can be checked with

 apksigner verify my-app.apk

The official documentation can be found here.

+43
Oct. 15 '16 at 21:00
source share

The fastest way is to subscribe to the debug repository:

 jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore ~/.android/debug.keystore app.apk androiddebugkey -storepass android

or on Windows:

 jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore %USERPROFILE%/.android/debug.keystore test.apk androiddebugkey -storepass android
+9
Sep 19 '16 at 1:31
source share

You are using jarsigner to sign the APK. You do not need to sign up with the original keystore, just create a new one. Read the details: http://developer.android.com/guide/publishing/app-signing.html

+5
Jun 08 2018-12-12T00:
source share

Updated Answer

Check out https://shatter-box.com/knowledgebase/android-apk-signing-tool-apk-signer/

Old answer

check apk-signer a good way to sign your application

+3
Mar 04 '13 at 9:53 on
source share

For those of you who do not want to create a bat file for editing for each project, or do not want to remember all the commands associated with the keytools and jarsigner programs, and just want to do this in one process, use this program:

http://lukealderton.com/projects/programs/android-apk-signer-aligner.aspx

I built it because I was tired of the lengthy process of entering all the files every time.

This program can save your configuration, so the next time you run it, you just need to click "Create" and it will process it for you. What is it.

No installation is required, it is fully portable and saves its configurations to CSV in the same folder.

+2
Aug 14 '16 at 20:01
source share


More articles:


All Articles