
Generating signing keys for Android app

Before uploading your Android app to Google Play Store, you need to sign your app. When publishing your app to Google Play for the first time, you must also configure Play App Signing. To do either, you first need to generate the signing keys for your Android app.

Android requires that all apps be digitally signed with a certificate before they can be installed. Android uses this certificate to identify the author of an app, and the certificate does not need to be signed by a certificate authority. Android apps often use self-signed certificates. 

The basis for protecting your Android app is a generated certificate and digital key, which together provide a unique, encrypted, and reasonably un-hackable signature. This proves that the app came from you and not from some other, suspicious source.

This is done via a Keystore. The Keystore is a simple file with a really large block of encrypted data. This file can be stored anywhere on your computer, and this is generally the first problem that developers encounter. 

Keystore files are also protected by a pair of passwords:

  • one for the Keystore file itself and,
  • another for each keystore/alias pair within the file.

While these passwords should ideally be unique, most developers use the same password for both.

Generating a Keystore and upload key

You can generate a Keystore by using Android Studio. To do so, follow the steps mentioned below:

  • Click Build > Generate Signed Bundle/APK option in the menu bar.
  • In the Generate Signed Bundle or APK dialog, select Android App Bundle or APK and click the Next button.
  • Click on the Create new button below the field for the Key store path.
  • On the New Key Store window, provide the following information for your Keystore and key, as shown in the image below.
  • Keystore
    • Key store path: Select the location where you want the Keystore to be created. Also, add a file name to the end of the location path with the .jks extension.
    • Password: Create and confirm a secure password for your Keystore.
  • Key
    • Alias: Enter a name for the key.
    • Password: Create and confirm a secure password for your key. This should be the same as your Keystore password. 
    • Validity (years): Set the length of time in years that your key will be valid. Your key should be valid for at least 25 years, so you can sign app updates with the same key through the lifespan of your app.
    • Certificate: Enter some information about yourself for your certificate. This information is not displayed in your app but is included in your certificate as part of the APK.
  • After entering the information, click the OK button.
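
The same fields can be supplied on the command line with the JDK's keytool. The script below is an added example, not part of the original article: it creates the Keystore and then checks the certificate's validity span against the 25-year minimum. The file name, alias, distinguished name and the KS_PASS environment variable are assumptions, and the check assumes keytool's English-locale "Valid from ... until ..." output line.

```shell
#!/bin/sh
# Added example: keytool equivalent of the New Key Store dialog.
# Path, alias, DN and the KS_PASS variable are placeholders/assumptions.

MIN_YEARS=25   # minimum validity the article asks for

# keytool's -validity takes days; 366 per year rounds up so leap
# years cannot leave the certificate a few days short of N years.
years_to_days() {
    echo $(( $1 * 366 ))
}

# usage: generate_keystore <path.jks> <alias> <years>
# The password comes from $KS_PASS, so it stays out of argv and shell
# history. No -keypass is passed: the key password then equals the
# keystore password, as the dialog instructions say it should.
generate_keystore() {
    ( umask 077    # new keystore file is readable by its owner only
      keytool -genkeypair -v \
          -keystore "$1" -alias "$2" \
          -keyalg RSA -keysize 2048 \
          -validity "$(years_to_days "$3")" \
          -storepass:env KS_PASS \
          -dname "CN=Example Developer, O=Example Org, C=IN" )
}

# Reads `keytool -list -v` output on stdin and prints the difference
# between the first certificate's "until" year and "Valid from" year.
cert_span_years() {
    awk '/Valid from:/ {
        for (i = 2; i <= NF; i++)
            if ($i == "until:") { print $NF - $(i - 1); exit }
    }'
}

# Succeeds only if that span is at least MIN_YEARS (year granularity).
validity_ok() {
    span=$(cert_span_years)
    [ -n "$span" ] && [ "$span" -ge "$MIN_YEARS" ]
}

# With KS_PASS exported: sh script.sh generate upload-key.jks upload
if [ "${1:-}" = "generate" ]; then
    generate_keystore "$2" "$3" "$MIN_YEARS" &&
    keytool -list -v -keystore "$2" -storepass:env KS_PASS | validity_ok &&
    echo "certificate validity span is at least $MIN_YEARS years"
fi
```

Keep the resulting .jks file and its password backed up outside the project directory and out of version control.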

After generating the signing keys, you need to sign your app with the generated keys. To do that, build the Android app using the signing keys. For more information about the signing keys, go to the Android Developers site.