185

I made a sample application named checkStatus. Now I want to create a signed APK file. So I can install it in different devices for my testing.

For this, I Googled and found this documentation.

As per the document, I switched to my project directory and ran the following command:

keytool -genkey -v -keystore key-name.keystore -alias alias-name -keyalg RSA -keysize 2048 -validity 10000

After I ran the above command, I got a file named key-name.keystore at projectRoot/key-name.keystore.

And then I copy-pasted that file into projectRoot/platforms/android/key-name.keystore.

After that, I created a file named ant.properties and saved it in projectRoot/platforms/android.

I wrote the following code inside the file:

key.store=projectRoot/key-name.keystore
key.alias=myApp

After that, I ran the following command to release

Cordova builds android --release

It's throwing the following error:

 /home/projectRoot/platforms/android/cordova/node_modules/q/q.js:126
                throw e;
                      ^
Error code 1 for command: ant with args: release,-f,/home/projectRoot/platforms/android/build.xml,-Dout.dir=ant-build,-Dgen.absolute.dir=ant-gen

 Error: /home/projectRoot/platforms/android/cordova/build: Command failed with exit code 8
at ChildProcess.whenDone (/usr/lib/node_modules/cordova/node_modules/cordova-lib/src/cordova/superspawn.js:135:23)
at ChildProcess.EventEmitter.emit (events.js:98:17)
at maybeClose (child_process.js:753:16)
at Process.ChildProcess._handle.onexit (child_process.js:820:5)

So this time, I modified key.store value in ant.properties file like in the following way.

 key.store=/home/projectRoot/platforms/android/key-name.keystore

Again, I ran the cordova build android --release command. It throws the same error.

Can anyone tell me what I've done wrong?

Jonathan Hall
  • 75,165
  • 16
  • 143
  • 189
vasan
  • 2,203
  • 3
  • 18
  • 22

11 Answers11

332

Step 1:

D:\projects\Phonegap\Example> cordova plugin rm org.apache.cordova.console --save

add the --save so that it removes the plugin from the config.xml file.

Step 2:

To generate a release build for Android, we first need to make a small change to the AndroidManifest.xml file found in platforms/android. Edit the file and change the line:

<application android:debuggable="true" android:hardwareAccelerated="true" android:icon="@drawable/icon" android:label="@string/app_name">

and change android:debuggable to false:

<application android:debuggable="false" android:hardwareAccelerated="true" android:icon="@drawable/icon" android:label="@string/app_name">

As of cordova 6.2.0 remove the android:debuggable tag completely. Here is the explanation from cordova:

Explanation for issues of type "HardcodedDebugMode": It's best to leave out the android:debuggable attribute from the manifest. If you do, then the tools will automatically insert android:debuggable=true when building an APK to debug on an emulator or device. And when you perform a release build, such as Exporting APK, it will automatically set it to false.

If on the other hand you specify a specific value in the manifest file, then the tools will always use it. This can lead to accidentally publishing your app with debug information.

Step 3:

Now we can tell cordova to generate our release build:

D:\projects\Phonegap\Example> cordova build --release android

Then, we can find our unsigned APK file in platforms/android/ant-build. In our example, the file was platforms/android/ant-build/Example-release-unsigned.apk

Step 4:

Note : We have our keystore keystoreNAME-mobileapps.keystore in this Git Repo, if you want to create another, please proceed with the following steps.

Key Generation:

Syntax:

keytool -genkey -v -keystore <keystoreName>.keystore -alias <Keystore AliasName> -keyalg <Key algorithm> -keysize <Key size> -validity <Key Validity in Days>

Egs:

keytool -genkey -v -keystore NAME-mobileapps.keystore -alias NAMEmobileapps -keyalg RSA -keysize 2048 -validity 10000


keystore password? : xxxxxxx
What is your first and last name? :  xxxxxx
What is the name of your organizational unit? :  xxxxxxxx
What is the name of your organization? :  xxxxxxxxx
What is the name of your City or Locality? :  xxxxxxx
What is the name of your State or Province? :  xxxxx
What is the two-letter country code for this unit? :  xxx

Then the Key store has been generated with name as NAME-mobileapps.keystore

Step 5:

Place the generated keystore in

old version cordova

D:\projects\Phonegap\Example\platforms\android\ant-build

New version cordova

D:\projects\Phonegap\Example\platforms\android\build\outputs\apk

To sign the unsigned APK, run the jarsigner tool which is also included in the JDK:

Syntax:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore <keystorename> <Unsigned APK file> <Keystore Alias name>

Egs:

D:\projects\Phonegap\Example\platforms\android\ant-build> jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore NAME-mobileapps.keystore Example-release-unsigned.apk xxxxxmobileapps

OR

D:\projects\Phonegap\Example\platforms\android\build\outputs\apk> jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore NAME-mobileapps.keystore Example-release-unsigned.apk xxxxxmobileapps

Enter KeyPhrase as 'xxxxxxxx'

This signs the apk in place.

Step 6:

Finally, we need to run the zip align tool to optimize the APK:

D:\projects\Phonegap\Example\platforms\android\ant-build> zipalign -v 4 Example-release-unsigned.apk Example.apk

OR

D:\projects\Phonegap\Example\platforms\android\ant-build> C:\Phonegap\adt-bundle-windows-x86_64-20140624\sdk\build-tools\android-4.4W\zipalign -v 4 Example-release-unsigned.apk Example.apk

OR

D:\projects\Phonegap\Example\platforms\android\build\outputs\apk> C:\Phonegap\adt-bundle-windows-x86_64-20140624\sdk\build-tools\android-4.4W\zipalign -v 4 Example-release-unsigned.apk Example.apk

Now we have our final release binary called example.apk and we can release this on the Google Play Store.

Jonathan Hall
  • 75,165
  • 16
  • 143
  • 189
cfprabhu
  • 5,267
  • 2
  • 21
  • 30
  • 10
    Okay I accept your thought. But I have private git repository and we have a team for work on mobile app. So it is comfortable for me. – cfprabhu May 16 '15 at 08:57
  • 5
    Why was it important to remove org.apache.cordova.console? – Shai UI Oct 08 '15 at 19:37
  • 1
    Cordova.console plugin is used for debugging purpose. That why we have removed from production app. Because production app didn't need that. And if we removed that plugin it will be reduce the app size also. – cfprabhu Oct 09 '15 at 06:24
  • 1
    Looks a bit scary, but went through the steps with ease. Nice one! Also, latest cordova has changes in the release apk directory. – Shah Abaz Khan Jan 23 '16 at 11:32
  • 5
    @cfprabhu Step 5 is throwing a warning "No -tsa or -tsacert is provided and this jar is not timestamped.". Fixed it by adding "-tsa timestamp.digicert.com" to the command. Might be useful for other users – Thomas Bormans Apr 01 '16 at 13:29
  • 6
    zipalign under OSX is available at ~/Library/Android/sdk/build-tools/22.0.1/zipalign – chillwalker Dec 15 '16 at 18:55
  • 2
    @ThomasBormans somehow `-tsa timestamp.digicert.com` threw a NullPointerException for me. `-tsa http://timestamp.digicert.com` seems to fix it – Thomas Feb 23 '17 at 14:36
  • @aswzen can you give me some more details regarding your issue plz? – cfprabhu Jul 08 '17 at 17:35
  • 1
    @cfprabhu i am commenting a comment.. by the way in windows, default android sdk if installed from latest cordova console was `C:\Users\[PC Username]\AppData\Local\Android\sdk\build-tools` ..zip align tool was there – aswzen Jul 10 '17 at 04:53
  • be careful with Key Generation...if you playing with google play store – aswzen Aug 08 '17 at 04:21
  • Hello, I did it in the past following your steps. but in a different computer now step 4 prompts: `error de herramienta de claves: java.io.FileNotFoundException: NAME-~/.android/release.keystore (No such file or directory) java.io.FileNotFoundException: NAME-~/.android/release.keystore (No such file or directory)` any idea why? ( using `keytool -genkey -v -keystore NAME-~/.android/release.keystore -alias appName -keyalg RSA -keysize 2048 -validity 10000` ) – Toni Michel Caubet Sep 26 '17 at 08:41
  • Please make sure that folder have your keystore file. – cfprabhu Sep 26 '17 at 08:45
  • 1
    I've made all of these steps and everything works like a charm! Thank you. I'm a frontend developer not familiar with Cordova/Android/Android Studio/etc., so you saved me tons of hours. – artuska Dec 08 '17 at 16:15
  • @artuska Thank you. Happy coding. If you need any help on cordova contact me cfprabhu@yahoo.com – cfprabhu Dec 08 '17 at 16:16
  • if you are running with the problem of "c:\program is not recognized" then pls use ""[double quote] from start to end eg D:\projects\Phonegap\Example\platforms\android\build\outputs\apk> "C:\Phonegap\adt-bundle-windows-x86_64-20140624\sdk\build-tools\android-4.4W\zipalign" -v 4 Example-release-unsigned.apk Example.apk ] – Ajit Singh Mar 03 '18 at 17:52
  • The only guide that helped me, THANK YOU MAN! – Leandro Gamarra Apr 26 '21 at 15:16
133

An update to @malcubierre for Cordova 4 (and later)-

Create a file called release-signing.properties and put in APPFOLDER\platforms\android folder

Contents of the file: edit after = for all except 2nd line

storeFile=C:/yourlocation/app.keystore
storeType=jks
keyAlias=aliasname
keyPassword=aliaspass
storePassword=password

Then this command should build a release version:

cordova build android --release

UPDATE - This was not working for me Cordova 10 with android 9 - The build was replacing the release-signing.properties file. I had to make a build.json file and drop it in the appfolder, same as root. And this is the contents - replace as above:

{
"android": {
    "release": {
       "keystore": "C:/yourlocation/app.keystore",
        "storePassword": "password",
        "alias": "aliasname",
        "password" : "aliaspass",
        "keystoreType": ""
    }
}
}

Run it and it will generate one of those release-signing.properties in the android folder

Jon
  • 6,437
  • 8
  • 43
  • 63
  • 2
    Thanks! You can also change the name/location of your properties file, but you have to specify in a `build-extras.gradle` file. Relevant cordova doc [here](https://cordova.apache.org/docs/en/latest/guide/platforms/android/index.html#extending-buildgradle). – Dunc Apr 08 '16 at 10:59
  • My app is not getting update to next version, first version created in ant build(cordova 3). I upgraded my cordova to 6.0.0 now second version is created in gradle build, I followed the latest cordova doc to create signed apk but still my app not getting updated. I gone through the all the info of the web but still somewhere am going wrong. Please help me @Dunc – NGB Apr 22 '16 at 10:31
  • @Naveen I'm using Cordova 5.2.0, had various problems with other versions > 5. Suggest you [try that](http://stackoverflow.com/a/22166056/188926) if you can. Then, if still having problems, I recommend asking a new question. – Dunc Apr 22 '16 at 14:11
  • Still having problem, new version of apk is not getting downloaded from existing app. @Dunc – NGB Apr 23 '16 at 05:21
  • @Dunc any solution – NGB Apr 26 '16 at 08:30
  • @Naveen Not sure I can help, it's probably best if you start a new SO question detailing your specific issue: http://stackoverflow.com/questions/ask – Dunc Apr 26 '16 at 09:28
  • I asked this question so many times and ended up in blocking stackoverflow, I can only comment here that's why asking like this. If you know something please help me@Dunc – NGB Apr 26 '16 at 11:18
  • @Jon. Thanks for the solution. But i am getting the apk with name android-release. Is there a way to name my apk? please help – AishApp May 19 '16 at 10:15
  • you can rename the apk like any file in windows (etc). I just upload the xxx-relese.apk to google play, and all the encoded app name etc from manifest /config etc shows up on the play store. I am not sure if there is any difference as to the name of the actual apk. – Jon May 19 '16 at 14:07
  • See http://stackoverflow.com/questions/17663991/keystore-and-key-alias & http://stackoverflow.com/questions/28034899/how-to-retrieve-key-alias-and-key-password-for-signed-apk-in-android-studiomigr – Jon Sep 25 '16 at 11:18
  • Would again like to point out the docs. They outline a few different ways to sign, including gradle. https://cordova.apache.org/docs/en/latest/guide/platforms/android/index.html#using-buildjson – laughingpine Nov 07 '16 at 22:19
  • this answer does not works, I dont know why it has so many upvotes – Sartheris Stormhammer Mar 15 '17 at 08:00
  • You still need to run zipalign on the signed apk like in cfprabhu 's answer – Mawcel Sep 20 '17 at 08:53
  • Note that if you do not want to store the passwords in the file, just remove the password lines. When building, cordova will prompt for the passwords. – Aleks G Oct 01 '17 at 20:30
  • Works with cordova 8.0.0 – croppio.com Jun 08 '18 at 14:04
  • the dot after aliaspass is confusing. Reproduce the same password with "password" : "aliaspass", – Intuitisoft Nov 10 '20 at 15:09
60

In the current documentation we can specify a build.json with the keystore:

{
     "android": {
         "debug": {
             "keystore": "..\android.keystore",
             "storePassword": "android",
             "alias": "mykey1",
             "password" : "password",
             "keystoreType": ""
         },
         "release": {
             "keystore": "..\android.keystore",
             "storePassword": "",
             "alias": "mykey2",
             "password" : "password",
             "keystoreType": ""
         }
     }
 }

And then, execute the commando with --buildConfig argumente, this way:

cordova run android --buildConfig
JepZ
  • 1,159
  • 14
  • 27
infinito84
  • 1,971
  • 17
  • 8
20

Step1:

Go to cordova\platforms\android ant create a fille called ant.properties file with the keystore file info (this keystore can be generated from your favorite Android SDK, studio...):

key.store=C:\\yourpath\\Yourkeystore.keystore
key.alias=youralias

Step2:

Go to cordova path and execute:

cordova build android --release

Note: You will be prompted asking your keystore and key password

An YourApp-release.apk will appear in \cordova\platforms\android\ant-build

Martín Alcubierre
  • 4,341
  • 1
  • 27
  • 27
  • 5
    starting with cordova 5, the process changes a little bit: http://ilee.co.uk/Sign-Releases-with-Cordova-Android/#comment-2054560088 – Sombriks Jul 09 '15 at 19:13
  • With Cordova 5 name file "release-signing.properties" instead of "ant.properties"; all other steps are exactly as described by @malcubierre – Mario Orlandi Mar 30 '16 at 10:36
  • new version of apk is not getting downloaded from existing app in cordova 6.0.0. I followed all the docs still not solved my issue can you help me @MarioOrlandi – NGB Apr 25 '16 at 06:45
11

In cordova 6.2.0, it has an easy way to create release build. refer to other steps here Steps 1, 2 and 4

cd cordova/ #change to root cordova folder
platforms/android/cordova/clean #clean if you want
cordova build android --release -- --keystore="/path/to/keystore" --storePassword=password --alias=alias_name #password will be prompted if you have any
Community
  • 1
  • 1
Midhun KM
  • 1,647
  • 1
  • 21
  • 31
  • I am getting an error of `The system cannot find the file specified` using Cordova 6.2.0 – mr5 Jan 20 '17 at 09:11
  • have you replaced the keystore path? If so please post the command here. – Midhun KM Jan 20 '17 at 09:56
  • Yep. It's `cordova build android --release -- --keystore="C:\release.keystore" --storePassword=****** --alias=mr5` – mr5 Jan 20 '17 at 10:50
  • 1
    After enclosing my password with `"`(double quote), it started to run. I think Cordova has an issue about parsing special characters. – mr5 Jan 20 '17 at 11:07
  • If anyone use Ionic, you can checkout this document http://ionicframework.com/docs/cli/cordova/build/ – Nguyen Tran Aug 08 '17 at 07:26
7

On Mac (osx), I generated two .sh files, one for the first publication and another one for updating :

#!/bin/sh
echo "Ionic to Signed APK ---- b@agencys.eu // Benjamin Rathelot\n"
printf "Project dir : "
read DIR
printf "Project key alias : "
read ALIAS
cd $DIR/
cordova build --release android
cd platforms/android/build/outputs/apk/
keytool -genkey -v -keystore my-release-key.keystore -alias $ALIAS -keyalg RSA -keysize 2048 -validity 10000
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore android-release-unsigned.apk $ALIAS
zipalign -v 4 android-release-unsigned.apk signedApk.apk

And to update your app:

#!/bin/sh
echo "Ionic to Signed APK ---- b@agencys.eu // Benjamin Rathelot\n"
printf "Project dir : "
read DIR
printf "Project key alias : "
read ALIAS
cd $DIR/
cordova build --release android
cd platforms/android/build/outputs/apk/
rm signedApk.apk
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore android-release-unsigned.apk $ALIAS
zipalign -v 4 android-release-unsigned.apk signedApk.apk

Assuming you're in your home folder or a folder topping your apps folders. Make sure to set correctly chmod to use this script. Then :

./ionicToApk.sh # or whatever depending of the name of your file, in CLI

Your signed apk will be in Your App folder/platforms/android/build/outputs/apk/ as SignedApk.apk Make sure to use the correct key alias and password defined with the first script

Ben
  • 99
  • 1
  • 4
3
##Generated signed apk from commandline
#variables
APP_NAME=THE_APP_NAME
APK_LOCATION=./
APP_HOME=/path/to/THE_APP
APP_KEY=/path/to/Android_key
APP_KEY_ALIAS=the_alias
APP_KEY_PASSWORD=123456789
zipalign=$ANDROID_HOME/build-tools/28.0.3/zipalign

#the logic
cd $APP_HOME
cordova build --release android
cd platforms/android/app/build/outputs/apk/release
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore $APP_KEY ./app-release-unsigned.apk $APP_KEY_ALIAS <<< $APP_KEY_PASSWORD
rm -rf "$APK_LOCATION/$APP_NAME.apk"
$zipalign -v 4 ./app-release-unsigned.apk "$APK_LOCATION/$APP_NAME.apk"
open $APK_LOCATION
#the end
nicolsondsouza
  • 426
  • 3
  • 15
2

Build cordova release APK file in cmd.

KEY STORE FILE PATH: keystore file path (F:/cordova/myApp/xxxxx.jks)

KEY STORE PASSWORD: xxxxx

KEY STORE ALIAS: xxxxx

KEY STORE ALIAS PASSWORD: xxxxx

PATH OF zipalign.exe: zipalign.exe file path (C:\Users\xxxx\AppData\Local\Android\sdk\build-tools\25.0.2\zipalign)

ANDROID UNSIGNED APK NAME: android-release-unsigned.apk

ANDROID RELEASE APK NAME: android-release.apk

Run below steps in cmd (run as administrator)

  1. cordova build --release android
  2. go to android-release-unsigned.apk file location (PROJECT\platforms\android\build\outputs\apk)
  3. jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore <KEY STORE FILE PATH> <ANDROID UNSIGNED APK NAME> <KEY STORE ALIAS>
  4. <PATH OF zipalign.exe> -v 4 <ANDROID UNSIGNED APK NAME> <ANDROID RELEASE APK NAME>
Om Shankar
  • 265
  • 4
  • 11
1

First Check your version code and version name if you are updating your app. And make sure you have a previous keystore.

If you are updating app then follow step 1,3,4.

Step 1:

Goto your cordova project for generate our release build:

D:\projects\Phonegap\Example> cordova build --release android

Then, we can find our unsigned APK file in platforms/android/ant-build. In our example, the file was

if u used ant-build

yourproject/platforms/android/ant-build/Example-release-unsigned.apk

OR

if u used gradle-build

yourProject/platforms/android/build/outputs/apk/Example-release-unsigned.apk

Step 2:

Key Generation:

Syntax:

keytool -genkey -v -keystore <keystoreName>.keystore -alias <Keystore AliasName> -keyalg <Key algorithm> -keysize <Key size> -validity <Key Validity in Days>

if keytool command not recognize do this step

Check that the directory the keytool executable is in is on your path. (For example, on my Windows 7 machine, it's in C:\Program Files (x86)\Java\jre6\bin.)

Example:

keytool -genkey -v -keystore NAME-mobileapps.keystore -alias NAMEmobileapps -keyalg RSA -keysize 2048 -validity 10000


keystore password? : xxxxxxx
What is your first and last name? :  xxxxxx
What is the name of your organizational unit? :  xxxxxxxx
What is the name of your organization? :  xxxxxxxxx
What is the name of your City or Locality? :  xxxxxxx
What is the name of your State or Province? :  xxxxx
What is the two-letter country code for this unit? :  xxx

Then the Key store has been generated with name as NAME-mobileapps.keystore

Step 3:

Place the generated keystore in D:\projects\Phonegap\Example\platforms\android\ant-build

To sign the unsigned APK, run the jarsigner tool which is also included in the JDK:

Syntax:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore <keystorename <Unsigned APK file> <Keystore Alias name>

If it doesn't reconize do these steps

(1) Right click on "This PC" > right-click Properties > Advanced system settings > Environment Variables > select PATH then EDIT.

(2) Add your jdk bin folder path to environment variables, it should look like this:

"C:\Program Files\Java\jdk1.8.0_40\bin".

Example:

D:\projects\Phonegap\Example\platforms\android\ant-build> jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore NAME-mobileapps.keystore Example-release-unsigned.apk xxxxxmobileapps

Enter KeyPhrase as 'xxxxxxxx'

This signs the apk in place.

Step 4:

Finally, we need to run the zip align tool to optimize the APK:

if zipalign not recognize then

(1) goto your android sdk path and find zipalign it is usually in android-sdk\build-tools\23.0.3

(2) Copy zipalign file paste into your generate release apk folder usually in below path

yourproject/platforms/android/ant-build/Example-release-unsigned.apk

D:\projects\Phonegap\Example\platforms\android\ant-build> zipalign -v 4 Example-release-unsigned.apk Example.apk

OR

D:\projects\Phonegap\Example\platforms\android\ant-build> C:\Phonegap\adt-bundle-windows-x86_64-20140624\sdk\build-tools\android-4.4W\zipalign -v 4 Example-release-unsigned.apk Example.apk

Now we have our final release binary called example.apk and we can release this on the Google Play Store.

Arpit Patel
  • 7,212
  • 5
  • 56
  • 67
1

Great news! cordova 10 include the new android version with app-release.aab.

Or Choban
  • 1,661
  • 1
  • 8
  • 9
0

For Windows, I've created a build.cmd file:

(replace the keystore path and alias)

For Cordova:

@echo off 
set /P spassw="Store Password: " && set /P kpassw="Key Password: " && cordova build android --release -- --keystore=../../local/my.keystore --storePassword=%spassw% --alias=tmpalias --password=%kpassw%

And for Ionic:

@echo off 
set /P spassw="Store Password: " && set /P kpassw="Key Password: " && ionic build --prod && cordova build android --release -- --keystore=../../local/my.keystore --storePassword=%spassw% --alias=tmpalias --password=%kpassw%

Save it in the ptoject's directory, you can double click or open it with cmd.

ssz
  • 177
  • 3
  • 5