How To Sign Android Apps Locally

Signing Android applications is required in order to install the applications on mobile devices. Many individuals sign within their development and integration platform, but some are required to sign the app on designated computers in order to preserve the signing credentials within a trusted environment

This Knowledge Base article summarizes the steps required to sign mobile apps locally.

We hope you find it useful and enjoy using Appdome!

Signing a Built Android App on your Mac – Private Signing

Once you’ve downloaded and Android app file, you can sign the app on your Mac.

When you browse for a Keystore file on your Mac follow these steps:

  1. Click Options
  2. Format
  3. All Files
  4. Then you can select Android Keystore file (.jks and .keystore)

android keystore

Sign Android Apps Locally

After Building an app on the Appdome platform, Appdome highly recommends signing apps automatically using the Appdome service. This process ensures signing in accordance with Google guidelines, makes the app tamper-proof, and prevents mistakes.

Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily integrate features to any mobile app – instantly, no code or coding required.

If you are required to sign Android apps locally off the Appdome platform, you can follow the process in this KB article to provide the certificate information needed for Anti-Tampering and to sign the Built app on your workstation.

Prerequisites

  1. An Android signing certificate, you can use the information in these resources on how to create a self-signed certificate Keystore.
  2. Using Google Play and your Own Keystore
  3. Signing Android Apps with Private Keys and Certificates
  4. Appdome account
  5. Appdome-GO access
  6. Built Mobile app

How To Sign Android Apps Locally – Private Signing

On Appdome, after you have completed Building and adding Context to your Android App, you can then follow the steps below to sign the Built app locally on your workstation.

  1. Chose Private Signing as the signing method on the Appdome platform
  2. Enter the certificate fingerprint
    NOTE: The certificate fingerprint is obtained using a java keytool described in the next section. Once you obtain the fingerprint, you can paste it with or without colon (:) separators.
    NOTE: The hint is the fingerprint of the signing certificate of the application as it was uploaded to Appdome. If you are signing before and after Appdome with the same credentials, the hint will suffice.
  3. Click the link Private Signing 

    private signing - signing apps locally

  4. (optional) To save the signing method on your fusion set, mark the checkbox.
  5. Verify your certificate fingerprint and click Private Signing.


  6. Once Sealing the application for Anti Tampering is complete, you can download the application and Deploy it.

fusion success message appdome private signing

Obtain the Certificate Fingerprint for Appdome Anti-Tampering

The fingerprint is a one-way hash of the certificate stored in the Android signing Keystore.
To get the fingerprint required by Appdome when signing Android Apps off the Appdome platform, from your workstation run:

keytool -list -keystore <path_to_keystore> -storepass <store pass> -alias <alias>

Or, another method:

keytool -list -printcert -jarfile <path_to_app>

NOTE: The SHA1 or the SHA256 of the signature is marked inside it.  It is a public identifier that can be extracted from the signed .apk as well.

For example, the output should look like this:

test-alias, Nov 20, 2017, PrivateKeyEntry,
Certificate fingerprint (SHA1):BE:D2:E3:17:9F:20:9A:F9:CF:55:E8:31:21:8C:7E:C7:7F:87:62:26

NOTE: You will need to copy-paste this fingerprint into the certificate fingerprint field on Appdome when choosing the option to sign manually. 

Using Appdome’s Aut-DEV Private Signing Script

Prerequisites

  1. An Android signing certificate, you can use the information in these resources on how to create a self-signed certificate Keystore.
  2. Using Google Play and your Own Keystore
  3. Signing Android Apps with Private Keys and Certificates
  4. Appdome account
  5. Appdome-DEV access
  6. Built Mobile app

How to Use Appdome-DEV Private Signing Script

With this private signing script, you can obtain from Appdome, this will allow users to sign apps that were Built on Appdome without having to upload signing certificates to Appdome.

Here is a link to a great Article on Appdome’s Auto-DEV Private Signing Android Apps Script.

Here’s another link to a great Article on Auto-DEV Private Signing iOS Apps Script.

Signing a Built Android APK App on your Workstation

Once you have downloaded the Built app from Appdome, you can sign the app on your workstation by running:

zipalign -f 4 <path_to_apk> <path_to_apk>-aligned.apk
mv <path_to_apk>-aligned.apk <path_to_apk>
apksigner sign --ks <path_to_keystore> --ks-pass pass:<store pass> --ks-key-alias <alias> --key-pass pass:<key pass> --v2-signing-enabled --v1-signing-enabled <path_to_apk>

After signing, your app is ready to deploy.

Signing a Built Android AAB App on your Workstation

Once you have downloaded the Built app from Appdome, you can sign the app on your workstation by running:

jarsigner <path_to_AAB> -sigalg SHA256withRSA -digestalg SHA-256 -keystore <path_to_keystore> <alias> -storepass <store pass> -keypass <key pass> -signedjar signed_AAB.aab

After signing, your app is ready to deploy it to the Play store.

Signing an Android app on Appdome

You can always sign an Android app after Fusing on Appdome!  Here is a link with more information on how to accomplish this.

To zoom out on this topic, visit the Appdome Platform section on our website.

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Paul Levasseur

Have a question?

Ask an expert

KaiMaking your security project a success!