How To Sign Android Apps Locally

Signing Android applications is required in order to install the applications on mobile devices. Many individuals sign within their development and integration platform, but some are required to sign the applications on designated computers in order to preserve the signing credentials within a trusted environment

This Knowledge Base article summarizes the steps required to sign applications locally.

We hope you find it useful and enjoy using Appdome!

Signing a Built Android App on your Mac

Once you’ve downloaded and Android app file, you can sign the app on your Mac.

When you browse for a Keystore file on your Mac follow these steps:

  1. Click Options
  2. Format
  3. All Files
  4. Then you can select Android Keystore file (.jks and .keystore)

Sign Android Apps Locally

After Building an app on the Appdome platform, Appdome highly recommends signing apps automatically using the Appdome service. This process ensures signing in accordance with Google guidelines, makes the app tamper-proof, and in many cases, prevents mistakes.

Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily integrate features to any mobile app – instantly, no code or coding required.

If you are required to sign Android apps locally off the Appdome platform, you can follow the process in this KB article to provide the certificate information needed for Anti-Tampering and to sign the Fused app on your workstation.

Prerequisites

  1. An Android signing certificate, you can use the information in these resources on how to create a self-signed certificate Keystore.
  2. Using Google Play and your Own Keystore
  3. Signing Android Apps with Private Keys and Certificates
  4. Appdome account
  5. Appdome-GO access
  6. Built Mobile app

How To Privately Sign Android Apps Locally

On Appdome, after you have completed Building and adding Context to your Android App, you can then follow the steps below to sign the Built app locally on your workstation.

  1. Chose Private Signing in the signing method on the Appdome platform
  2. Enter the certificate fingerprint
    NOTE: The certificate fingerprint is obtained using a java keytool described in the next section. Once you obtain the fingerprint, you can paste it with or without colon (:) separators.
    NOTE: The hint is the fingerprint of signing certificate of the application as it was uploaded to Appdome. If you are signing before and after Appdome with the same credentials, the hint will suffice.
  3. Click the link Private Signingprivate local signing appdome
  4. Verify the certificate fingerprint is correct, and choose Private Signing
  5. Once Sealing the application for Anti Tampering is complete, you can download the application and Deploy it.

Obtain the Certificate Fingerprint for Appdome Anti-Tampering

The fingerprint is a one-way hash of the certificate stored in the Android signing Keystore.
To get the fingerprint required by Appdome when signing Android Apps off the Appdome platform, from your workstation run:

keytool -list -keystore <path_to_keystore> -storepass <store pass> -alias <alias>

Or, another method:

keytool -list -printcert -jarfile <path_to_app>

NOTE: The SHA1 or the SHA256 of the signature is marked inside it.  It is a public identifier that can be extracted from the signed .apk as well.

For example, the output should look like this:

test-alias, Nov 20, 2017, PrivateKeyEntry,
Certificate fingerprint (SHA1):BE:D2:E3:17:9F:20:9A:F9:CF:55:E8:31:21:8C:7E:C7:7F:87:62:26

NOTE: You will need to copy paste this fingerprint into the certificate fingerprint field on Appdome when choosing the option to sign manually. 

Using Appdome’s Aut-DEV Private Signing Script

Prerequisites

  1. An Android signing certificate, you can use the information in these resources on how to create a self-signed certificate Keystore.
  2. Using Google Play and your Own Keystore
  3. Signing Android Apps with Private Keys and Certificates
  4. Appdome account
  5. Appdome-DEV access
  6. Built Mobile app

How to Use Appdome-DEV Private Signing Script

With this private signing script, you can obtain from Appdome, this will allow users to sign apps that were Built on Appdome without having to upload signing certificates to Appdome.

Here is a link to a great Article on Appdome’s Auto-DEV Private Signing Android Apps Script.

Here’s another link to a great Article on Auto-DEV Private Signing iOS Apps Script.

Signing a Built Android App on your Workstation

Once you have downloaded the Built app from Appdome, you can sign the app on your workstation by running:

zipalign -f 4 <path_to_apk> <path_to_apk>-aligned.apk
mv <path_to_apk>-aligned.apk <path_to_apk>
apksigner sign --ks <path_to_keystore> --ks-pass pass:<store pass> --ks-key-alias <alias> --key-pass pass:<key pass> --v2-signing-enabled --v1-signing-enabled <path_to_apk>

After signing, your app is ready to deploy.

Signing an Android app on Appdome

You can always sign an Android app after Fusing on Appdome!  Here is a link with more information on how to accomplish this.

To zoom out on this topic, visit the Appdome Platform section on our website.

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Paul Levasseur

Have a question?

Ask an expert