Android: Key and Keystores when app release

Tram Ho

Some concepts

First we will learn about important concepts and definitions later.

  • App signing key: This key is used to sign the APK installed on a user's device. As part of the Android security update model, the signing key never changes throughout the life of the application. App signing keys are private and must be kept confidential.
  • Upload key: The key you use to sign apk or APK before you upload to register the app with Google Play. You must keep the upload key secret. However, you can share certificates created with your upload key.
  • Certificate: The certificate contains the public key as well as some additional identifying information about the owner of this key.
  • Java keystore (.jdk or .keystore): A binary file that serves as a certificate and private key store.

Sign the application

To be able to publish apps to Google play, the apps need to be "signed".

Create an upload key and keystore

You can create an upload key using Android studio using the following steps:

  1. On the menu bar, click Build> Build> Generate Signed Bundle / APK.

  2. In the Generate Signed Bundle or APK window, select Android App Bundle or APK and click Next.

  3. Click Create new.

  4. In the New Key Store window that appears, you need to provide the keystore and key information.

  5. Keystore:

  • Key store path: is the place to store the keystore.
  • Password: Create and confirm a secure password for your keystore.
  1. Key: Alias: Enter a name for your key. Password: Create and confirm a secure password for your key. Validity (years): valid period of the course (minimum 25 years). Certificate: Enter some information about yourself for your certificate. This information is not displayed in your application, but is included in your certificate as part of the APK.
  2. Click OK.

So you've successfully created the key and keystore, next we will "sign" the application with the key just created above.

Sign the application with the upload key

  1. On the menu bar, click Build> Build> Generate Signed Bundle / APK.

  2. In the Generate Signed Bundle or APK window, select Android App Bundle or APK and click Next.

  3. Click the link to the keystore you created above

  4. Enter the password for the keystore, alias and the password of the key. Click Next.

  5. Destination folder: Select the folder to save the apk file. Select the build type, Signature Versions you want your application to support. Click Finish.

  6. When Android Studio finishes building the app. The following popup will be displayed. Click the link in the popup to analyze or locate your apk.

So we have exported the release-apk file. You can find out the steps for posting apps to Google Play here .

Resources refer to Google Developers.

Share the news now

Source : Viblo