All Android packages (apk
files) are signed by a certificate or a keystore
file to enable their installation on a device. When you are debugging/developing your application, your package is automatically signed by a development certificate that was generated by the Android SDK. It is fine to use this certificate for development or even beta testing; however, it cannot be used on an application distributed to Google Play.
To create a production certificate, we can use a command-line tool included with the Android SDK named keytool
. To create your own keystore
file, run the following line in a terminal window:
keytool -genkey -v -keystore <filename>.keystore -alias <key-name> -keyalg RSA -keysize 2048 -validity 10000
Replace <filename>
and <key-name>
with appropriate terms for your application. The keytool
command-line tool will then prompt several questions for you to identify the party that is signing the application. This is very similar to an SSL certificate, if you have ever worked with one before. You will also be prompted for a keystore password and a key password; you can let these be the same or change them, depending on how secure you want your key to be.
Your console output will look something like what is shown in the following screenshot:
When complete, you should store your keystore
file and password in a very safe place. Once you sign an application with this keystore
file and submit it to Google Play, you will not be able to submit updates of the application without signing it with the same certificate. There is no mechanism to retrieve a lost keystore
file. If you do happen to lose it, your only option is to remove the existing app from the store and submit a new app that contains your updated changes. This could potentially cause you to lose a lot of users.
To sign an Android package, you can use another command-line tool included with the Android SDK named jarsigner
. However, Xamarin Studio simplifies this process by providing a user interface to run your package.
Open your Android project in Xamarin Studio and carry out the following steps to walk through the process of signing an apk
file:
keystore
file that you just created.apk
file and click on Create.When successful, a pad in Xamarin Studio will appear displaying the progress. The pad that appears looks like what is shown in the following screenshot:
It is important to note that Xamarin.Android automatically runs a second tool called zipalign
after signing the APK. This tool aligns the bytes within an APK to improve the startup time of your app. If you plan on running jarsigner
from the command line itself, you must run zipalign
as well. Otherwise, the app will crash on startup, and Google Play will also not accept the APK.
18.117.105.28