APK Certificates

Generating An Android Certificate

When decompiling an android application and compiling it back, you will need to sign the app, and if you don’t sign it, the Application will not be installed on the user device.

There are different ways of generating a certificate but the easiest and universal one is using keytool.

keytool -genkey -v -keystore KeyStoreName -alias KeyStoreAlias -keyalg RSA -keysize 2048 -validity 365

-keystore KeyStoreName is the keystore name

-alias KeyStoreAlias is the certificate alias name, which after you use it will be added to META-INF folder

-keysize 2048 You can use 4096 size, but there are issues regarding that from devices or so.

-validity 365 Validity in days

Generating a Certificate

Signing An Android Applicaiton

JarSigner

It's important to note your APK (YourAPK_unsigned.apk) will be overwritten. If you want to keep an unsigned copy, please first create a copy ofYourAPK_unsigned.apk

-sigalg is the signature algorithm used. There are some apps using MD5 but use SHA1 as when you are verifying the app it will tell you the hashing algorithm used and how weak the algorithm used is.

-keystore KeyStoreName is the name of the keystore name used when generating the certificate

YourAPK_unsigned.apk is the name of the app to be sign. Note: if you used MD5, the application will be treated as an unsign app because the algorithm used to sign the App is weak.

KeyStoreAlias is the alias name of the certificate used when creating the certificate.

APKSigner

Install APKSigner

Sign the APK

It's important to note your APK (YourAPK_unsigned.apk) will be overwritten. If you want to keep an unsigned copy, please first create a copy ofYourAPK_unsigned.apk

PreviousRooting Android Emulator Cheat SheetNextSAST

Last updated