APK Signing
AEE will recognize APK files and app bundles and sign them accordingly with its default key. In order to sign an APK using a custom Keystore, some specific methods need to be followed and are explained in the next section.
Signing with a custom key
In order to sign APK's with a custom key, AEE requires a private key in pk8 format as well as an X509Certificate exported from the same key.
How to create private key
- Convert a java keystore (JKS) to PKCS12 format
keytool -importkeystore -srckeystore KEYSTORE_PATH -destkeystore intermediate.p12 -srcstoretype JKS -deststoretype PKCS12
- Convert a PKCS12 to pem format
openssl pkcs12 -in intermediate.p12 -nodes -out intermediate.rsa.pem
- Finally convert pem to pk8 format
openssl pkcs8 -topk8 -outform DER -in intermediate.rsa.pem -inform PEM -out private.pk8 -nocrypt
How to create X509Certificate
- Read X509Certificate from a java keystore (JKS)
keytool -list -rfc -keystore KEYSTORE_PATH -alias KEY_ALIAS -storepass STORE_PASSWORD
- From the output, copy the text starting from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE----- (including both) and save it as a text file
Open AEE and Navigate to Settings -> Sign APK's with and select Custom Key. A new page will now open which offers options to select a custom Private Key and X509Certificate. Use it! By doing so, AEE will do the following changes, and now onwards uses the new credentials for signing.
- Save private key as
/data/data/com.apk.editor/files/signing/APKEditor.pk8
- Save X509Certificate as
/data/data/com.apk.editor/files/signing/APKEditorCert
Previous: General