Signing Android Apps for Release

This guide is based on the Android developer documentation here: http://developer.android.com/guide/publishing/app-signing.html

Generating a key and signing with it is quite easy using the Eclipse export wizard, however keep in mind the following:

The key identifies your organization and will be a stand-in for its reputation. Customers will trust the key with their data and business.
Keys should be handled and stored as valuable intellectual property, which must remain secret in order to remain effective
If the app will be submitted to the Cisco App HQ market, the public key will be used to identify the application and its validity. Updates to the app must be submitted using the same key as the original, or will be automatically rejected.

The Eclipse IDE can be used to generate a private key and sign your app using the key:

Step 1 ¿ Select File/Export... from the Eclipse menu

Step 2 ¿ From the Export Destination dialog, open the Android folder and select Export Android Application

Step 3 ¿ Select the Eclipse project to be exported

Step 4 ¿ Keystore selection.

A keystore is an encrypted file which is used to securely hold keys and certificates. If creating a new key for the first time, make sure and select 'Create new keystore'. If you are signing an app with a key you previously created ¿ for example if you are ready to submit an updated version to the Cisco App HQ ¿ select 'Use existing keystore' and navigate to your previously created keystore.

Step 5 ¿ Enter alias and organization information

The alias will be used to refer to the key in the future, helpful if you have multiple keys. The other information will be visibile to users who inspect the key signature so they can be assured that the signing key belongs to your organization. Note the expiration time of the key is also set here, which must be a minimum of 50 years for the Google Market and Cisco App HQ.