Wednesday, March 5, 2014

Whatever you do don't lose that Android keystore

What is Android keystore? A keystore is a used for signing Android apps so they can be published on the Play Store. How that Android app is made either native, hybird, whatever doesn't matter. You will still need that key.

To use a key store you need to do two things:
  1. Go to the AndroidManifest.xml file and change android:debuggable from "true" to "false". You then run a build
  2. Next is to sign the resulting APK (after running the build) with the javarsigner. The command should look something like:

    $ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore HelloWorld-release-unsigned.apk alias_name
    
Now this assumes that you have created the keystore already if not then you have to go to your JDK folder and look for the keytool command.

$ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000

This will create a file that you must not lose under and circumstance. Do whatever it takes to keep it safe because if you lose then you won't be able to submit updates to your app.

Trust me on this, it's far less stressful keeping your keys safe than losing it. Can you imagine the hassle of having your users to re-install your Android app?