Share your advanced knowledge/code with the community.
e2robot
 
Posts: 37
Joined: Wed Mar 19, 2014 8:34 am

How to sign a release APK

by e2robot Sun Nov 06, 2016 1:06 am

Not sure if anyone else has this strange issue.

Unless I include the debugger when creating APK, I get an APK corrupt error when installing to Nexus 5X running 7.0

Same happened with Beta 2.

regards,
Phil
Fred
Site Admin
 
Posts: 1011
Joined: Mon Feb 24, 2014 10:51 am

Re: SB 2.00 Beta 4 - APK corrupt unless debugger enabled

by Fred Sun Nov 06, 2016 5:59 am

It's because you need to sign the apk when compiling in release mode. Step to do it on Windows:

1) Open a command prompt

2) Ensures your JDK\bin directory is in the PATH (mine is here C:\Program Files\Java\jdk1.8.0_73\bin)

3) Create a new certificate with 'keytool' (which is in JDK\bin) (only required the first time)

Code: Select all
keytool -genkey -v -keystore my-release-key.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias app


4) Sign your apk with 'jarsigner' (which is in JDK\bin)

Code: Select all
jarsigner -verbose -tsa http://timestamp.digicert.com -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore yourpackage.apk alias_name -storepass yourkeystorepassword


5) Align the resulting zip with 'zipalign' (can be found in SpiderBasic\Android\android\sdk\build-tools\23.0.2)

Code: Select all
zipalign 4 yourpackage.apk yourpackage_signed.apk


Now your APK is ready to be installed, and you can even submit it to the google appstore (tested it and it work :), french users can search for 'SpiderTest' app on GooglePlay it should appear)
e2robot
 
Posts: 37
Joined: Wed Mar 19, 2014 8:34 am

Re: SB 2.00 Beta 4 - APK corrupt unless debugger enabled

by e2robot Sun Nov 06, 2016 7:54 am

Thanks for the detailed instructions !

Working fine now.

Just in case anyone misses it. The alias_name in the jarsigner step is the alias you specified in keytool step. In this case it's app

Regards,
Phil
Fred
Site Admin
 
Posts: 1011
Joined: Mon Feb 24, 2014 10:51 am

Re: How to sign a release APK

by Fred Sun Nov 06, 2016 7:59 am

Great ! I changed the title and moved to trick and tips so everyone could find this info easily
Leonhardt
 
Posts: 20
Joined: Wed Feb 26, 2014 9:41 am

Re: How to sign a release APK

by Leonhardt Mon Nov 21, 2016 11:04 am

mark
User avatar
Rings
 
Posts: 6
Joined: Tue Feb 25, 2014 9:44 am

Re: How to sign a release APK

by Rings Wed Dec 07, 2016 2:10 pm

should such a tip not been included in the IDE an been automated ?
falsam
 
Posts: 235
Joined: Mon May 05, 2014 9:49 pm
Location: France

Re: How to sign a release APK

by falsam Sat Dec 10, 2016 11:25 pm

Hello Fred.

Signing an APK is only to be able to publish on the store.

I would like to be able to transfer my apk to my terminal without going through the store.

The unknown source checkbox is checked on my terminal but the APK do not install.

If I install a signed APK, I can not upgrade with a new version.

Installing the application in debug mode (unsigned) would be very good but I would like the window debug not to be opened systematically.

Thanks.
➽ Windows 10 - JDK 1.8 - SB 2.20 - Android 5.5
Mood ☀️
http://falsam.com

Sorry for my poor english
Fred
Site Admin
 
Posts: 1011
Joined: Mon Feb 24, 2014 10:51 am

Re: How to sign a release APK

by Fred Sun Dec 11, 2016 7:33 am

You can use CloseDebugOutput() if you want to close it at start while being in debug mode. To reinstall a signed package, you need to uninstall it first, for all users (easier with adb)
Bradan
 
Posts: 17
Joined: Fri Nov 04, 2016 2:07 pm

Re: How to sign a release APK

by Bradan Sun Dec 11, 2016 9:44 am

If you sign it with the same certificate every time it should work. Only if you switch between release and debug certificates it will ask you to uninstall it first. At least thats how it is when developing android apps with the sdk. Usually ALL apks are signed, even the debug builds. However the IDE usually creates a debug certificate which expires once every year or so.
tj1010
 
Posts: 175
Joined: Wed May 27, 2015 1:36 pm

Re: How to sign a release APK

by tj1010 Sun Dec 11, 2016 2:53 pm

Disable trusted source under settings>security on your test device.. I use Bluetooth sometimes with unsigned.. Enable it when done. It's trivial to make a PB program using RunProgram and directory scan for auto-find to do this if you want it signed, but yeah integrated should be there since SB already needs the JDK path anyway. Just store a key per-install?

I forget all the model for apk signing but I think Google has to sign with their private key on the back-end of the store for an apk to install on a device without debug. They check them with their public key stored on all phones. I may be wrong partly I learned this years ago and forgot some of it.
Return to Tricks 'n' Tips

Who is online

Users browsing this forum: No registered users and 1 guest