Chapter 21. Packaging, Deploying, and Distributing/Selling Your App

The success of Android has led to a proliferation of application markets. But the official Google Play Store remains the largest marketplace for distributing your app, so we will cover that here, along with information on preparing your app, making it harder to reverse-engineer, and other information you may need along the way.

21.1 Creating a Signing Certificate and Using It to Sign Your Application

Zigurd Mednieks


You want to publish an application, and you need a “signing key” to complete the process. You then want to sign your application prior to uploading it to the Google Play Store.


Use the standard JDK tool keytool to generate a self-signed certificate. An APK file is a standard Java Archive (JAR) file, so you just use the standard JDK tool jarsigner.


Google has stated that one of its intentions with Android was to minimize the hassle of getting applications signed. You don’t have to go to a central signing authority to get a signing certificate; you can create the certificate yourself. Once you generate the certificate, you can sign your application using the jarsigner tool that comes with the Java JDK. Once again, you don’t need to apply for or get anyone’s approval. As you’ll see, it’s about as straightforward as signing can be.

In this recipe, we are going to create an encrypted signing certificate and use it to sign an application. You can sign every Android application ...

Get Android Cookbook, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.