24

I have an existing unsigned apk and I want to sign it using my debug.keystore file. Here I found a tutorial how it can be done. 

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name

But what should I write as alias_name and what should be the passphrase? Is there any way to find out what alias_name and passphrase are used by Eclipse during the signing?

Dmitry Guselnikov
  • 999
  • 1
  • 6
  • 19

4 Answers4

39

You don't really want to create it with your debug key, but;

-alias androiddebugkey 
-keystore /the/path/debug.keystore 
-storepass android 
-keypass android
Marek Sebera
  • 37,155
  • 34
  • 153
  • 231
Stefan de Bruijn
  • 6,159
  • 2
  • 18
  • 29
  • 1
    FYI on Windows, the keystore is in %HOMEPATH%\.android\debug.keystore – Dunc Jun 16 '14 at 11:50
  • 21
    -alias doesn't seem to be an option. The command line on Mac is: ```jarsigner -verbose -keystore ~/.android/debug.keystore -storepass android -keypass android path/to/my.apk androiddebugkey``` – StephenD Sep 24 '14 at 21:07
  • It is worth noting that jdk1.6 will successfully sign APK using this method, but jdk1.7.0 will not. – Cory Trese Sep 29 '15 at 19:24
  • JDK 8 will work with the invocation in the comment by StephenD. – Roy Falk Nov 03 '16 at 07:17
21
jarsigner -verbose -keystore ~/.android/debug.keystore -storepass android -keypass android path/to/my.apk androiddebugkey

This worked for me.

MichaelS
  • 5,569
  • 5
  • 28
  • 42
user3717841
  • 213
  • 3
  • 7
4

For me, I have create a debug keystore first with all passwords, alias... are 'android' then go to Preferences -> Android -> Build and enter that as Custom debug keystore. Now any my debug will be auto signed with that key without requiring me to do any extra work!

Warning: I have learnt hard from my mistakes. I have uploaded my APK with that debug keystore to Google Store then published it for alpha testing (to test purchasing, signing in Google game play...). First that was very convenience since I could compile and run my app in debug mode without being trouble to re-enter keystore, passwords, create apk, install it on devices...

However, the problem is that after testing, I cannot upload the released apk (with my official keystore) to that project (because it has different key than previous loaded ones). I cannot delete that project either (since it has been published). At the end, I have to keep that one, rename the package of the app, create a new project, update new Google Api id, upload new apk... for official releasing.

Tony
  • 1,421
  • 18
  • 19
1

Expiry of the Debug Certificate The self-signed certificate used to sign your application in debug mode has an expiration date of 365 days from its creation date. When the certificate expires, you will get a build error.

trevor
  • 11
  • 1
  • I have a debug.keystore generated in June 2013 that still works for me in 2020, so I guess the 365-day expiration date you found must have been added by a version of the SDK that came out after 2013. – Silas S. Brown Feb 26 '20 at 16:35
  • 1
    Incidentally, [the newer Android Studio documentation](https://developer.android.com/studio/publish/app-signing#expdebug) says "The self-signed certificate used to sign your app for debugging has an expiration date of 30 *years* from its creation date" [emphasis mine]. So I don't know which versions set it to 365 days. – Silas S. Brown Feb 26 '20 at 16:48