DEV Community

Cover image for Signing and Aligning APK file for Google Play Store Deployment
George Ikwegbu Chinedu
George Ikwegbu Chinedu

Posted on

Signing and Aligning APK file for Google Play Store Deployment

Photo by Lisa Fotios from Pexels

Table Of Contents

🎯 Introduction

Hey, if you're here, that means you're already familiar with APK files. Well, in the case you don't know πŸ€—

An APK file is the file format used to install the applications on android operating system
Enter fullscreen mode Exit fullscreen mode

To Pull this off, we would be needing the following:

🎯 Keystore-keytool

This is the MOST important part of any APK file, as this creates a unique ID-like key for your application, which will always be needed for everytime there's a need for an update on your app, so keep this safe.

NB: If you're uploading your Folder (repo) to a Version Control System (like Github), please 
remember to add it to your .gitignore . (the file looks like this george.keystore, i.e, 
depending on what you name it, but the extension will be *.keystore)
Enter fullscreen mode Exit fullscreen mode

From your preferred command line interface (cmd.exe) run the below code:

$ keytool -genkey -v -keystore [keystore_name].keystore -alias [alias_name] -keyalg RSA -keysize 2048 -validity 10000
Enter fullscreen mode Exit fullscreen mode

I will try and explain the essential parts of the code above;

  • [keystore_name]: would be the name you wish to give your keystore, say calculatore.keystore
  • [alias_name]: would be the alias for your keystore

    NB: Copy the above code snippet, paste on your command line, then make the changes to your
    standard, then hit enter to run the code.

🎯 Keystore-password

Immediately the above code runs, a dialog comes up, for you to secure your keystore with a password.

NB: This is a command line interface, so your text would be hidden, but not to worry, 
you'll retype for confirmation sake
Enter fullscreen mode Exit fullscreen mode

Keystore-Password

🎯 keystore-credentials

These are simply additional details required of you.

NB: Please provide what you can remember, as the information you provide, is fused with 
the keystore being created.
Enter fullscreen mode Exit fullscreen mode

Keystore additional Details to provide

NB: When you hit enter after the country code, the next dialog will be a summary 
for you so confirm the details you provided before commencing. 
Enter fullscreen mode Exit fullscreen mode

🎯 keystore-alias-password

The alias you earlier chose, needs to be secured also,

NB: You can still use the keystore password also, by hitting <b>enter</b> as a 
confirmation  or simply provide a new one. If you're lazy like me, just hit enter 🀣🀣
Enter fullscreen mode Exit fullscreen mode

Keystore Alias password

🎯 Successful Keystore

Once you hit enter from the previous dialog, the below would be your popup (say everything went well oo ) πŸ₯°πŸ₯°πŸ₯°πŸ₯°πŸ₯°πŸ₯°πŸ₯°πŸ₯°πŸ₯°πŸ₯°.

Successful Keystore Creation

NB: keep this baby safe, else, be ready to build another app for Playstore πŸ˜‚πŸ˜‚πŸ˜‚πŸ˜‚
Enter fullscreen mode Exit fullscreen mode

🧿 Jarsigner

jarsigner uses key and certificate information from a keystore to generate digital signatures for JAR files. A keystore is a database of private keys and their associated X. 509 certificate chains authenticating the corresponding public keys.

NB: Please, don't be mad at me, I just copied from Google and Pasted here. πŸ˜…... moving on 
😎
Enter fullscreen mode Exit fullscreen mode

Like the above definition, this tool will allow you to sign your APK file. Don't worry, if you'd followed everything thus far, there's 99% chance that you already have jarsigner 😊, if you don't have it, well ...πŸ™„πŸ™„ Check Introduction

In your cmd.exe, enter the below line of code:

$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore [keystore_name].keystore [my_application.apk] [alias_name]
Enter fullscreen mode Exit fullscreen mode

I will try and explain the essential parts of the code above;

  • [keystore_name]: would be the same name you gave to your keystore initially, say calculatore.keystore
  • [alias_name]: would be the same alias you provided earlier.
  • [my_application.apk]: would be the APK file you wish to sign, now this is a bit tricky, the apk file 'app-released-unsigned.apk' will be seen (in my case), at the:
$ C:\Users\usser\Documents\GitHub\COPEDA\src-cordova\platforms\android\app\build\outputs\apk\release\app-released-unsigned.apk
Enter fullscreen mode Exit fullscreen mode
NB: Take caution as to your current directory when deploying the 'jarsigner' command, 
because the 'my_application.apk' would literally have to be the app-released-unsigned.apk 
file, so either you copy the long file path with the apk file and paste in-place of the 
'my_application.apk' or you just run the 'jarsigner' in the same direactory as the 'app- 
release-unsigned.apk'.

The catch there is that, you'd have to also copy the full path to where your created 
keystore file is located.

Best practive, run the 'jarsinger' in your project root, where the 'keystore' file was 
saved, then append the full path of your 'app-release-unsigned.apk' file as the 
'my_application.apk' 
Enter fullscreen mode Exit fullscreen mode

Jarsigner Password

NB: The password for the keystore, is needed, provide it, and everything being equal, 
you'll get your APK signed
Enter fullscreen mode Exit fullscreen mode

OMG!!! you're still here πŸ˜…, that means i'm not that boring, ok, losen up a bit, we're almost there. Hey, how way your day??? Remember to take a walk now and then to ease the stress, this is the life you and I chose 🀣🀣🀣🀣. ok, moving forward...

🏁 Zipalign

If you had installed the SDK while running the Introduction part (Yikes, looks like I forgot to add that πŸ˜₯)

NB: Ok, since we're building an android APK file, it's only fair we have android studio 
installed yeah?. If we do, nice, because the SDK should be available, if we didn't well, 
don't get pissed off... 
Enter fullscreen mode Exit fullscreen mode

Get your Latest Android Studio & SDK here

NB: Once done, add the Zipalign (found in the build-tools, of the API-App level you 
installed) to your Operating System (OS) path.
Enter fullscreen mode Exit fullscreen mode

How to Add to Path (For Win 10, will work for all windows)

  • Click the windows key, and search for 'env', select the Environment Variables
    Windows Environment Variable

  • Select the 'Path' under the 'System Variables'.
    System Variables Path

  • Double click the 'Path', then edit to add the actual path of the SDK build-tools
    Edit System Environment Path

  • Click on save, another save, apply, then exit.. just nod positively to the already opened dialogs πŸ€—

NB: To test if we were successful, close your already opened cmd.exe (For real, close it, 
else it won't work πŸ₯±) then type 'zipalign', the response should be dope πŸ˜‹  
Enter fullscreen mode Exit fullscreen mode

Zipalign

Run the below code

$ zipalign -p 4 [app-release-unsigned.apk] [my-aligned.apk]
Enter fullscreen mode Exit fullscreen mode

I will try and explain the essential parts of the code above;

  • [app-release-unsigned.apk]: would be the full path to the unsigned APK file
  • [my-aligned.apk]: would be the New Name for Your Application, say Powercap.apk

Congratulations !!!.... You have your signed app ready for Deployment.

Top comments (0)