How to use jarsigner for signing an apk?

Question

I have very little programming knowledge.I am able to open jar signer through the command prompt then I get various jar signer options,which i do not know how to use them.Can anyone explain me what should i type in the command prompt in order to sign the app?

score 41 · Answer 1 · answered Jan 30 '14 at 14:19

41

You can find all the information you need about this topic on d.android.com: http://developer.android.com/tools/publishing/app-signing.html#signapp

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore
my_application.apk alias_name

One thing that cost me a few hours already, but is also mentioned in the official documentation:

As of JDK 7, the default signing algorithim has changed, requiring you to specify the signature and digest algorithims (-sigalg and -digestalg) when you sign an APK

answered Jan 30 '14 at 14:19

TomTasche

5,027
6
39
64

where should i put my keystore and apk files? – user3143901 Jan 30 '14 at 14:59
1

i have tried the following c\programfiles\java\jdk1.7.0_45\bin\jarsigner-verbose-sigalg SHA1withRSA-digestalg SHA1-keystore myapp.apk – user3143901 Jan 30 '14 at 15:08
i am getting the error "system cannot find the path specified" – user3143901 Jan 30 '14 at 15:09
Probably because the command you posted is missing tons of spaces and other useful symbols. Try something like: C:\Program Files\java\jdk1.7.0_45\bin\jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore myapp.apk – TomTasche Jan 30 '14 at 15:12
what should i type in the ? – user3143901 Jan 31 '14 at 05:48
should i put the keystore and apk files in the java folder? – user3143901 Jan 31 '14 at 05:49
i typed exactly what u said and i am getting the error "it is not recognized as internal or extenal command" – user3143901 Jan 31 '14 at 05:54
after trying dozens of times i get the error "ACCESS IS DENIED" – user3143901 Jan 31 '14 at 08:57
1

Please read through the whole guide: http://developer.android.com/tools/publishing/app-signing.html#signapp Alternatively, you can simply sign your app using Eclipse. – TomTasche Jan 31 '14 at 10:39

score 14 · Answer 2 · answered Jan 30 '14 at 13:15

14

Use the jarsigner as below:

jarsigner -keystore <keystore_file> -storepass <storepassword> <filenameTosigned> <alias>

answered Jan 30 '14 at 13:15

Rahul

3,401
3
13
27

rahul bhai....i have tried the following c\programfiles\java\jdk1.7.0_45\bin\jarsigner-verbose-sigalg SHA1withRSA-digestalg SHA1-keystore myapp.apk – user3143901 Jan 30 '14 at 15:05
where should i put the keystore and apk files – user3143901 Jan 30 '14 at 15:05
Tried this. But getting a warning also, Warning: No -tsa or -tsacert is provided and this jar is not timestamped. Without a times tamp, users may not be able to validate this jar after the signer certificate's expiration date (2042-07-31) or after any future revocation date. – jrhamza Mar 27 '15 at 11:46
1

You can ignore that warning. – Ahmed Nov 17 '15 at 17:21

score 4 · Answer 3 · edited Jan 24 '20 at 14:52

4

For -tsa option enter the next one:

jarsigner -verbose **-tsa http://timestamp.comodoca.com/rfc3161** -sigalg SHA1withRSA -digestalg SHA1 -keystore your_keystor_name.keystore YourAPK.apk youralias_key

edited Jan 24 '20 at 14:52

tostao

2,425
2
32
54

answered Sep 24 '15 at 17:50

demosthenes

998
1
11
17

How to use jarsigner for signing an apk?

3 Answers3

Linked