This lesson describes how to create a self-signed certificate and keystore for your Android application. You use the keystore details to sign your app via LCFM Native.
Introduction
The Android release system requires that all applications installed on user devices are digitally signed with certificates whose private keys are held by the developer of the applications. The certificates allow the Android system to identify the author of an application and establish trust relationships between developers and their applications. The certificates are not used to control which applications the user can and cannot install.
There are 2 ways to create a certificate for an Android app:
1. Using the "keytool" application from the Terminal
2. Using Android Studio
We are only going to consider the Android Studio route here.
How to create a certificate using Android Studio
1. Open Android Studio. Create a new empty project and click on Build -> Generate Signed Bundle/APK...
2. In the Generate Signed Bundle or APK dialog, select either Android App Bundle or APK and click Next.
3. Select a module from the drop down. In this case, you should only see "MyApplication1.app", which is the default name for the empty project you have created.
4. Below the field for Key store path, click Create new.
On the New Key Store window, provide the following information for your keystore and key:
- Keystore
Key store path: Select the location where your keystore should be created.
Password: Create and confirm a secure password for your keystore.
- Key
Alias: Enter an identifying name for your key.
Password: Create and confirm a secure password for your key. This should be different from the password you chose for your keystore.
Validity (years): Set the length of time in years that your key will be valid. Your key should be valid for at least 25 years, so you can sign app updates with the same key through the lifespan of your app.
Certificate: Enter some information about yourself for your certificate. This information is not displayed in your app, but is included in your certificate as part of the APK.
Once you complete the form, click OK.
Note: Android Studio might or might not append the .keystore
extension to the name of the newly created certificate. If not, you can just rename the file later and add the .keystore
extension
You have now created the signing key, in the "Key Store Path" location. Make sure you write down all the passwords as well as the alias, and keep them in a safe place. You will need them for signing the android standalone app in LCFM Native.
Signing your app
To sign your app, after you have built it in LCFM Native, go to your Deployment Profiles screen in LCFM Native, and click on Edit. Click on the Android icon at the top right of the screen to arrive at this screen:
Enter the information you saved while generating your Keystore in the previous step.
1. Enter the Keystore path - you can navigate to it by clicking the three dots next the X.
2. Enter the password for the Keystore
3. Enter the Alias you created as the name for your key
4. Enter the Key password.
5. Click Done.
Note: The Android website: https://developer.android.com/studio/publish/app-signing#sign_release has a lot of information and recommendations on how to create your private key. It is strongly recommended that you review that information in addition to what is covered in this lesson.