Having tested my first Cordova app to death it was time to get it onto the Google Play store for Beta testing. You can’t use a debug build on the Play store and you can’t use an unsigned release build. Everyone has to sign their release builds so there must be an authoritative description of the process somewhere, right? That was my expectation but the Cordova documentation doesn’t even mention the step. Perhaps that’s not surprising, the signing process is really an Android thing but a few pointers would have made things easier.
The best description of the process that I could find came from an Ionic web page. It’s a five step process:
- Remove the console plugin
- Build the app for release
- Use keytool (which comes the JDK) to generate a key to sign the APK file
- Use jarsigner (another JDK tool) to sign the APK file and
- Run zipalign to optimise the APK
I won’t go through the details here as the Ionic website does that very well but I will underline the importance of the key: Each version of the app must use the same key so, if you lose the keystore you won’t be able to submit updates to your app.
Update 15-Feb-2017: It seems that there is some mention of signing the APK in the Cordova documentation. It’s not clear, to me at least, whether the Cordova build runs both steps 4 and 5 or only step 4. Further investigation is required but the Ionic web page provides more background information.