What kind of pitfals exist for the Android APK signing?

Question

Disclaimer: I know the basics of signing an APKs and I have a problem with only one of my projects and only when signing with Microsoft Windows as the OS.

Answer 1

The solution from Baqueta works also for me.

Use these arguments in the keytool:

-sigalg MD5withRSA -keyalg RSA -keysize 1024 

I am still using there in jarsigner:

-sigalg MD5withRSA -digestalg SHA1

Thank you, the APK compiled and installed on a device using Java 7, finally!

Answer 2

Thank you... It helped me in correcting signing issues...

jarsigner -verbose -sigalg SHA1withRSA -digestalg
keytool -sigalg MD5withRSA -keyalg RSA

Finally, don't forget to zipalign.

I used similar keytool and jarsigner methods and the issue was resolved.

Answer 3

The solution is add this to the <configuration> of the maven-jarsigner-plugin:

<arguments>
  <argument>-sigalg</argument><argument>MD5withRSA</argument>
  <argument>-digestalg</argument><argument>SHA1</argument>
</arguments>

Ant already has direct support for this, but the Maven plugin does not.

Answer 4

It is very tricky to find info on the usage with 1.7, but once found it is reasonable simple:

For keytool include:

-sigalg SHA1withDSA -keyalg DSA -keysize 1024

For jarsigner include:

-sigalg SHA1withDSA -digestalg SHA1

(1024 is the maximum and works, less might do the trick)