I'm trying to deploy an android apk created by Cordova but I'm wrong. Here is my process :
1)Build the release apk : cordova build android --release
2)Generate a keystore : keytool -genkey -v -keystore my-release-key.keystore -alias com.MyCompany.AppsName -keyalg RSA -keysize 2048 -validity 10000
I create password named MyPass, and write all information in the form (name, country,...)
3)Signed the Apps : jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore android-release-unsigned.apk com.MyCompany.AppsName
4)Checked for signing : jarsigner -verify -verbose -certs android-release-unsigned.apk
I get this output :
"jar verified. Warning: This jar contains entries whose certificate chain is not validated. This jar contains signatures that does not include a timestamp. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2043-12-07) or after any future revocation date."
5)Zip the Apk : "c:\pathtosdk\zipalign.exe" -v 4 android-release-unsigned.apk com.MyCompany.AppsName.apk
6)And then i copy the Apk on a android device.
But when I try to install the Apps, the device ask me to allow unknown sources... like it's not signed. Is anyone who know where i'm wrong ?
Thanks in advance
Your apk is probably signed and perfectly fine. the reason it asks to allow unknown sources because by default it does not allows to install .apk files from other sources than google play store. Security issues https://support.google.com/nexus/answer/2812853?hl=en