How to generate a signed apk in Android Studio for Google Play (includes keystore)
- Andrés Cruz
When we want to develop an Android application (not to say any system in general) you first conceive the application, it is designed, it is tested on emulators and physical devices, the errors are corrected, the rest of the functionalities are finished developing and it is tested again. the application (you repeat this cycle n times where n tends to infinity...) and then you try to upload the Debug apk to your Google Play account and you see an error like the following:
This is a situation that can be normal for people who are starting to develop with Android; To upload an apk to Google Play it is necessary that it be signed through a digital certificate that is very easy to generate with Android Studio
The apk that we generally use is a file that we can use to test physical and virtual devices, but nothing else, we cannot use it to upload it to Google Play for security reasons (imagine that just by obtaining the apk of applications so famous like Twitter or Facebook we can easily upload it to an account on Google Play...).
Generating the signed apk in Android Studio
As explained, the signed apk is the same debug apk but it has a digital certificate, thus guaranteeing its authorship; In other words, the apk to be uploaded to Google Play is the person who developed it, that is, they have the source of the application.
Google's Google Play requires that all the APKs that are stored in its application repository must be digitally signed, and we can do it perfectly from Android Studio using the keystore, which is a file to store primary key repositories.
Knowing certificates and keystores
Digital certificates are not something new, we use them in an infinite number of elements, for example in PUSH type notifications, in which digital certificates that consist of a public key and a private key that is saved and restricted are used, it is like a couple username and password, data or metadata of these certificates is generally saved to have owner information, things like the name, surname, location, description are common elements; these keys are an instrument to protect your applications, it is to leave your "footprint" that is unique and being digital is known as a fingerprint and in this way your Android application will be in good shelter and allows Google through Google Play to know Whose APK is being uploaded and act accordingly in case there is a different certificate than the one initially uploaded.
The Keystore to store the keys
You may wonder where the keystore comes into all this, the keystore are files that, as the name indicates, contain keys, it is like a key store or a key repository; here is your private key that you should not share with anyone who should not have access to your application; When we create our signed Android application a little later, you will see that Android Studio asks us through a form where the key repository or keystore is.
The keystore is a repository that allows you to store primary keys
Generating the signed apk in Android Studio
To generate a signed apk we have to go to "Build" and "Generate Signed APK...":
As you can see, it is right next to the option that allows us to generate unsigned apks in Android Studio, the ones we use for debugging: "Build APK".
And since it is possibly the first time that you are exporting the apk in this way, we will have to enter a path, a pair of keys and an alias as we will see below in the following window:
If you don't have a Key Store already created, you must press the "Create new..." button and fill in the form as we did in the old Eclipse with the ADT; It is the same form with data from the developer and validity of the key or primary key.
Remember that a certificate consists of a private and public key pair that allows you to identify who owns the key (as we will see in the information requested by Android Studio in the next steps).
Then we press next and fill out the following form, as you can see it is very similar to the one used by the old Eclipse with the ADT plugin in an entry that we saw a long time ago.
Finally we indicate the directory to export the apk.
We must keep this generated certificate in a safe place, because if we lose or delete it we will have to upload the application from scratch (you will not be able to upload an apk with another certificate for the same project on Google Play).
Where is the signed APK located?
If you didn't change the above location, the signed apk will be exported at:
Your_app_name > App > app-release.apk.
We put the name we want and that's it, we can use this apk to upload it to Google Play; It doesn't matter what you name the file, it just matters that the above procedure doesn't give you some kind of error.
These types of procedures can be generated through command lines or the console of Windows, Linux, Mac or wherever you run your development environment for Android, in this post we show you the most direct and simple way that consists of filling in some simple forms as we saw previously; if you need to have the SHA1 certificate from android studio:
Develop with Laravel, Django, Flask, CodeIgniter, HTML5, CSS3, MySQL, JavaScript, Vue, Android, iOS, Flutter