Next lesson playing in 5 seconds

  • Overview
  • Transcript

2.4 Building and Signing the App

In this lesson, I’ll show you how to build and sign an app locally.

Code Snippets

The keytool command:

keytool -genkey -v -keystore [keystore_name].keystore -alias [alias_name] -keyalg RSA -keysize 2048 -validity 10000

The jarsigner command:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore [keystore_name].keystore android-release-unsigned.apk [alias_name]

The path to the zipalign tool on Windows:


Related Links

2.4 Building and Signing the App

Hello everyone. This is Reggie Dawson. Welcome to the publish and app with Cordova course for touch plus. Once we have our app coded and configured how we want the final step is to compile it to an executable package that will run on our chosen device. Compared to the steps that we took to get here, the process is simple. It only requires one command. Now, this course assumes that you went through the building an app with Cordova course and have a project to build. If not, I suggest you take a look at that course first and build the project. If we look inside the project folder for our app we will see a hooks, platforms, plug ins and www folder. Hooks represents any special scripts we may have added to our app. The plug ins folder, of course, holds our plug ins. We will be looking at the www and platform folders. The www folder represents the project we developed in its original state. Since a Cordova app is basically a web view running on our device, we build the app as a web project. In this folder we have more folders. CSS holds our style sheets for the app. IMG holds our images. And JS holds our JavaScript files. The screen and icons folder are there to hold the icon and splash screens. These folders all will be copied to the platform folder once we compile the app. In the platforms folder, we have folders for each platform added to our project. We currently have just Android as that is the only platform we have added to this app. But we can easily add more through the command line interface. Inside this folder we will find an assets folder, and inside there a www folder. This represents the replicated project structure from our top level www folder. You will also notice that Cordova was automatically injected into this folder. Once we have our app ready to go, we need to navigate to our project folder and run the build command. This command will first run a prepare command that copied the project files over to the www folder. This is useful if you've made changes that have not been replicated yet in the platform folder. We run Cordova build to build our project for all added platforms. Alternatively, we can specify the platform we want to build for if we have multiple platforms but want to build just for one. After we run the command the project is built and compiled in the Android folder. If we look inside build and then outputs, and then APK and here is our APK file, android-debug.apk. But why is this listed as android-debug? As a default when we run the build command, it builds a debug version for testing. To build our app for release we run cordova build--release Now when we build, we get an android-release-unsigned apk. The package is built for release, but why's it listed as unsigned? Well in order to release an app to the play store or the app market, the app has to be signed. To do this with iOS, you need to have a developer account in order to get the developer certificate to do this. We can also perform this on a Windows machine as well as a Mac in case we are using phone gap building when compiling for iOS. We will get the phone gap build in the next video. Unfortunately, I do not have a developer account with Apple. But I have included directions to sign iOS apps in the course notes. Phone Gap has a built-in process to sign apps that we will discuss in a later video. But if we build locally, we need to sign our app if we want to release it. We should already have Java installed if you went through the course on building an app in Cordova. As a result we should already have our Java home variable configured. We need to add %JAVA_HOME%\bing to our path variable. After that we will be able to run our tool to sign our app. Just to make it simple I've navigated to the folder where our APK has been compiled. Then the command we're going to run is going to be keytool-genkey-v-keystore and your keystore name .keystore. Now the keystore name .keystore is going to be the name that you provide for your keystore. You can make it whatever you like. Then after that you have -alias and then alias name. Again you will be supplying your alias. -keyalg RSA -keysize 2048 -validity 10000. Now, you don't have to remember this command completely, and I will include it in the course notes. Just remember that you have to supply your own keystore name and your own alias name. After running this command the first thing it will do is prompt you for a password. And then it will prompt you to confirm that password. Then it will ask you for your name, your organizational unit, the name of your organization, your city, your state, your two letter country code. After you put in all this information it will confirm if this is correct. Then after that it will ask you for an alias password. But if you press return you can use the same password as the key store password. After that, your keystore file will be generated. Now that we've generated our keystore, we still need to sign our app. So in order to sign our app, we have to run another command. This time we're going to run Now I'm not gonna read through the whole command but I will add it to the course load so you can see what the command consists of. Basically, we use an application called Jarsigner that allows us to sign our app. As you can see here, we're supplying mykey.keystore, which is the name of our keystore, as well as our alias name. When you run this command, it will prompt you for the keystore password. And after entering the password it will sign your app. We now have a signed app that is ready for the Play Store. Before we submit it, though, we need to do one more thing. Android has a tool called zipalign which optimizes the APK file, reduces the amount of RAM used when running the app. You should only use zipalign after you have signed your app. We can also use this tool to rename the app as Cordova names the built APK Android-release-unsignedAPK instead of the name of our app. We can use ZipAlign to fix this as well. Now I had to add the build tools to my path as this is not included in our path that we've already set up. I will also include this path in the course notes. After that, we can run ZipAlign 4, and the name of our APK, and then the name we want to change it to. And after that, you can see that an agent assist APK has been generated and our app has been optimized for release as well as being renamed to something more recognizable. It doesn't matter what our APK is named for release on the App Store, but having the app name as the APK is helpful especially if you have a lot of apps you have built. Now that's all you need to know to prepare and build your app. In the next video we will get started with PhoneGap Build.

Back to the top