How To Create An App Keystore in AIDE


HomePage Prev Page
Browse View all Tutorials


Creating an App Keystore

Each app you create has by default a key attached to it. If you have not assigned a 'keystore' to your app then it is using a 'debugging key' or pre release key.
Typically, once your app is completed and ready to be published, you assign to it a 'public key' by creating an app 'keystore'.
This article provides a detailed summary of how to create a keystore for your android app, in AIDE, and Android Studio.

Public Key - Signing Key

Android Apps are required to have a 'Public Key', aka 'Signing Key' before they can be submitted to online distribution markets. The key serves a dual purpose;
it provides security for your app as it authenticates you as the owner of the app; and,
if you want to make updates to your app the key serves as a verification tool for this reason.

The key is usually added once you've completed developing your app, and are ready to publish it.
Basically, the public key is the identifier for your app; and stays the same for the life of the app.

Before you can add the key to your app, you must create a 'keystore'. This is the folder that will contain the keys for each app you make. You can name the folder as you like although a pre-named directory and directory location is usually populated automatically in AIDE. Just use your backspace key if you want to use a different directory or name than what's shown.

You can also add an 'alias' name for your app which is good especially if your developing more than one app. Make a note of your app's particulars especially the directory location of the keystore and your password.

In AIDE and Android Studio, you can create a keystore and add a signed key to your app.

Creating a Keystore in AIDE

You only need to create the 'keystore file' one time. Then you need to Specify the Directory Location of the keystore for each app you want to add a key to.

As shown in these images, to create your 'keystore file',

From the right side menu in AIDE;
Choose 'Settings' - then 'Build and Run';
Then click to checkmark at 'Custom Keystore';
Then choose - 'Create Keystore File';
The Form to enter your info then populates; fill in the required info and your developer info;
Fill in a Password and Confirm Password; (if one is already populated backspace to erase and put in your own);
When the form info is completed, click 'Create', to create your keystore file.




CREATE KEYSTORE


TO SIGN YOUR APP - SPECIFY FOLDER OF KEYSTORE


Now that you created your 'keystore', you can assign a key to your app(s).
The key is added to your app during the build process(when you RUN your app). To add the key and sign your app:

Leave the Checkmark at the 'Custom Keystore';
Next, choose the 'Keystore File',(specify the keystore file used for signing APKs during build) prompt;
When the form populates, just enter in the directory location of your Keystore File that you created
Click OK.
Next, RUN your app.

During the app build process, your signing key is added to the app and added to the keystore file.

Public Key - Certificate Key

In the following image, you can see both the Public Key and the Certificate Key. The keys are actually just a bunch of numbers and letters. The Public Key, is also known as the apps' Signing Key, Public Key and Public Key Certificate. This key should not be given to any person or service providing free APIs for you to use in your app.

And, the Certificate Key is also important to your app(apk), and it is generated from the signing key.

This key can be given to services that offer free APIs for you to use in your app(s).

In the image shown, also make note of the valid from and to dates. Basically this defines the life years of your app. Usually 25-35 years is most common to use. And, at some distribution markets a minimum number of years is required like 30 or 40, but otherwise, you can choose whatever time frame you like.

Creating Your Keystore in Android Studio

Creating a key for your app in Android Studio differs somewhat from AIDE. Here you provide two passwords, one for the keystore itself, and also one for the key for the app your signing. Make a note of your passwords and the directory location of your keystore.

To create your keystore in Android Studio:
From the Menu bar
Click Build>Build>Generate Signed (Bundle) Apk; Then Select Android APk, Click Next;
At field of Key store path click Create New;
Then at the New Key Store window enter required info;
Enter a Password for the Keystore;
Enter a Alias Name for the key;
Enter a Password for the key;
Click the Export encrypted key if your opting in to Google Play Key Signing
Click next
In the window, choose the Destination Folder for your signed app, and select the Build Type
Click Finish
To read a detailed guide Signing Your App Using Android Studio

Using Google Play Key and Amazon Key

As you submit your new apps to various appstores you will find that some prefer to use their own method of signing your app before distributing them. Here we will mention the key signing of Google Play Appstore and Amazon AppStore.

At Amazon Appstore your app key is removed and replaced with Amazon's own distribution key. To do this, they use the MD5 and SHA values from your app's signatures, and a new key is created. If you use Amazon Appstore, this key is provided automatically for you. This same key is used for all your apps in the appstore.

At Google Play Appstore they allow you to use your own signed app key; although they prefer you use theirs.

At Google Play AppStore they use two keys. One for uploading your app(Upload Key) and the other for distributing your app(Distribution Key) If you want to use the key that you signed your app with it becomes your 'Upload Key', and this same upload key must be used for the life of your app including any and all updates you want to make.

If you lose or your upload key is compromised you cannot send updates to your app; and if you give your app a new signed key;(upload key) then it must be re submitted as a 'New App', thus you lose all your ratings on Google Play, and the 'New App' must also be submitted using a new Package Name.

If however, you opt-in to Google's Play app signing service (included with your $25 US membership) and you have their 'Upload Key', and it is lost or compromised, Google will simply give you another one, and you continue to send updates as you did previously. You don't lose any of your Google ratings; and you don't have to submit a new app with a new package name.

This is why Google recommends and prefers you use their app signing service. Also at Google, your apps' validity (life of app in years) must be at least 34 years.
To read a detailed guide about App Signing at Google Play

APK ANALYZER TOOL

An APK Analyzer tool is useful for developers as it allows you to view your apk files on your device, export or share your app apk file, and provides additional info about your app apk such as Public key, Certificate Key, MD5 value, SHA values, app name, package name, first install date of app, SDK of app, version of app device, developer name, organization name, address, city, country.



And some free API services require the app's (apk) Certificate Key for allowing you to use their APIs in your app. By using the APK Analyzer tool you can easily find the Certificate Key for any app you've developed.

You can find many free and paid APK Analyzer tools on Google Play and Amazon.
This one (I use) is free with in app advertising, and provides for sharing and exporting of APK files.
APK Analyzer Tool Free
This allows you to export an apk to your device or share it, like uploading it to your cloud storage.
If your looking for Free Cloud Storage, these websites offer 5gb free: Microsoft One Drive, at One Drive Cloud
and Sync at Sync.com.


If you Like Our Free Android Tutorial - Give Us a Social Mention Share


AndroidAppCoding.com, All Rights Reserved