Signing packages

From Android Wiki

Jump to: navigation, searcha

Once you have generated a key, the Google-recommended way of signing a package during a build is to use the jarsigner tool.

The standard Ant build scripts are supposed to allow you to automate signing packages. However, I had some trouble with this, so I am currently including explicit signjar and zipalign commands in my build.xml. I also add a file called to my source directory, which I exclude from version control, because it contains my keystore password. This defines three custom properties that I use in the signjar command:


Then in my build.xml, I include this properties file somewhere convenient (e.g. just after the inclusion of

    <property file="" />

And then I define a new target called signed, which depends on the standard -package-release target, as follows:

    <target name="signed" depends="-package-release">
            keystore="${keystore.path}" alias="${keystore.alias}" storepass="${keystore.password}"
        <exec executable="${sdk.dir}/tools/zipalign">
            <arg value="-f"/>
            <arg value="-v"/>
            <arg value="4"/>
            <arg value="bin/${}-unaligned.apk"/>
            <arg value="bin/${}.apk"/>

Now I can just type

ant signed

to automatically invoke the compilation, packaging, signing and aligning steps.

For a fully-worked example of this in action, see the source code to ti5x_android.

Personal tools