Chapter 21. Packaging, Deploying, and Distributing/Selling Your App

The success of Android has led to a proliferation of application markets. But the official Google Play Store remains the largest marketplace for distributing your app, so we will cover that here, along with information on preparing your app, making it harder to reverse-engineer, and other information you may need along the way.

21.1 Creating a Signing Certificate and Using It to Sign Your Application

Zigurd Mednieks

Problem

You want to publish an application, and you need a “signing key” to complete the process. You then want to sign your application prior to uploading it to the Google Play Store.

Solution

Use the standard JDK tool keytool to generate a self-signed certificate. An APK file is a standard Java Archive (JAR) file, so you just use the standard JDK tool jarsigner.

Discussion

Google has stated that one of its intentions with Android was to minimize the hassle of getting applications signed. You don’t have to go to a central signing authority to get a signing certificate; you can create the certificate yourself. Once you generate the certificate, you can sign your application using the jarsigner tool that comes with the Java JDK. Once again, you don’t need to apply for or get anyone’s approval. As you’ll see, it’s about as straightforward as signing can be.

In this recipe, we are going to create an encrypted signing certificate and use it to sign an application. You can sign every ...

Get Android Cookbook, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.