Header Ads

Signing a Cordova App with a Cup of Coffee

11:49:00 , , ,


The first time I built a Cordova Andriod app, it was hell getting it signed and i couldn't upload for days. That is what inspired this post to help you avoid such fate.
I successfully found a way to sign my Cordova Android App and Upload it to Google Play Store for download and here is the solution.

Here's What we are to cover.


1.Generate a release build for Android.

2.Generate Keystore.

3. Sign the unsigned APK.

4. Run the zip align tool to optimize the APK.

Grab some popcorn and a cup of coffee

So let start...

I assume you are familiar with Cordova CLI command tools if not go and learn it first unless this may look like mandarin to you.

Step 1. To generate a release build for our cordova android App, we first need to make a small change to the AndroidManifest.xml file found in platforms/android. Edit the file and change the line:

<application android:debuggable="true" android:hardwareAccelerated="true" android:icon="@drawable/icon" android:label="@string/app_name">
and change android:debuggable to "false":

<application android:debuggable="false" android:hardwareAccelerated="true" android:icon="@drawable/icon" android:label="@string/app_name">
Note: For cordova 6.2.0 remove the android:debuggable tag completely.

Here is the explanation from Cordova as to why:

Explanation for issues of type "HardcodedDebugMode": It's best to leave out the android:debuggable attribute from the manifest. If you do, then the tools will automatically insert android:debuggable=true when building an APK to debug on an emulator or device. And when you perform a release build, such as Exporting APK, it will automatically set it to false.

If on the other hand, you specify a specific value in the manifest file, then the tools will always use it. This can lead to accidentally publishing your app with debug information.

2. Step 2:

Now we can tell Cordova to generate our release build:




D:\projects\Yusadolat\Example> Cordova build --release android
Then, we can find our unsigned APK file in platforms/android/ant-build. In our example, the file was platforms/android/ant-build/Example-release-unsigned.apk
...........................................................................................................................................................................................................

Also Read Introduction To PHP 7: What's New And What's Gone

...........................................................................................................................................................................................................
Step 3:

Note : We have our keystone 'keystoreNAME-mobileapps.keystore' in this Git Repo, if you want to create another, please proceed with the following steps.

Key Generation:


Syntax:

keytool -genkey -v -keystore <keystoreName>.keystore -alias <Keystore AliasName> -keyalg <Key algorithm> -keysize <Key size> -validity <Key Validity in Days>
Egs:

keytool -genkey -v -keystore NAME-mobileapps.keystore -alias NAMEmobileapps -keyalg RSA -keysize 2048 -validity 10000


keystore password? : xxxxxxx
What is your first and last name? :  xxxxxx
What is the name of your organizational unit? :  xxxxxxxx
What is the name of your organization? :  xxxxxxxxx
What is the name of your City or Locality? :  xxxxxxx
What is the name of your State or Province? :  xxxxx
What is the two-letter country code for this unit? :  xxx
Then the Key store has been generated with name as NAME-mobileapps.keystore


Step 4:

Place the generated keystore in D:\projects\Phonegap\Example\platforms\android\ant-build

To sign the unsigned APK, run the jarsigner tool which is also included in the JDK:




Syntax:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore <keystorename <Unsigned APK file> <Keystore Alias name>
Egs:

D:\projects\Yusadolat\Example\platforms\android\ant-build> jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore NAME-mobileapps.keystore Example-release-unsigned.apk xxxxxmobileapps

Enter KeyPhrase as 'xxxxxxxx'
This signs the apk in place.

Step 6:

Finally, we need to run the zip align tool to optimize the APK:

D:\projects\Yusadolat\Example\platforms\android\ant-build> zipalign -v 4 Example-release-unsigned.apk Example.apk
OR

D:\projects\Yusadolat\Example\platforms\android\ant-build> C:\Yusadolat\adt-bundle-windows-x86_64-20140624\sdk\build-tools\android-4.4W\zipalign -v 4 Example-release-unsigned.apk Example.apk

Now we have our final release binary called example.apk and we can release this on the Google Play Store.

You like this?  Remember to Share....


Post a Comment

Powered by Blogger.