Android key creation

This guide describes how to create a signed keystore for use with an Android application.

Create a signing key for Android Apps

To create an Android signing certificate, you must be using Windows 10 and have Java installed.

Open a Command Prompt as Administrator, go to your Java installation directory (or ensure keytool is available via JAVA_HOME), and run the following command:

keytool -genkey -v -keystore [keystore_name].keystore
-alias [alias_name] -keyalg RSA -keysize 2048 -validity 10000

This command generates a keystore file (.keystore) in the directory defined by JAVA_HOME.

During execution, you will be prompted to provide information such as:

  • Keystore password

  • Key (alias) password

  • Organizational and identity details

The keystore password and key password must be retained securely, as they are required later when signing the APK or configuring a build service.

Use the signing key

Option 1: Local signing with a properties file

If you are signing the application locally, create a file named release-signing.properties with the following content:

storeFile=<keystore file path>
Type=jks
keyAlias=<keystore Alias name>
keyPassword=<key password>            //optional
storePassword=<keystore password>        //optional

Ensure that both the keystore file and the properties file are stored securely and are available during the build process.

Option 2: Use the keystore with the Mobile Build Service (MBS)

When using the Mobile Build Service (MBS), the release-signing.properties file is not required.

Instead, provide the keystore details directly in the New Android Certificate dialog of the MBS user interface as follows:

  • Alias: Enter the keystore alias name (alias_name)

  • Alias Password: Enter the alias (key) password

  • Keystore Password: Enter the keystore password

    By default, the alias password is the same as the keystore password, unless a separate alias password was explicitly defined during keystore creation.

Once these fields are populated, the uploaded keystore can be used by MBS to sign the Android application during the build process.

Related topics