I suppose I'm doing something wrong but I had to patch https://github.com/phonegap/phonegap/blob/master/lib/android/bin/templates/cordova/lib/cordova.js#L313 this way (add "unaligned" token matching):
if (fso.GetExtensionName(path) == 'apk' && !path.match(/unaligned/) && !path.match(/unsigned/)) {
path_to_apk = out_files.item();
break;
}
otherwise the "unsigned" apk is first found and installed, and it will fail not being signed. I'm using the CLI to build and run my apk. In debug mode it's ok, obviously, because the signing takes a different path.
Giovanni
I'm not sure what you did to try to sign your app, but here's what worked for me:
There is actually an easier way to do this all in one command once you set up the correct configuration, as described in this SO answer: Automation for Android release build I also, wrote a blog post about it here: http://www.adamwadeharris.com/android-automation/
Make sure you’ve set your version number in AndroidManifest.xml. Google Play won’t accept it unless it is different than the previous versions in the store. versionCode is an integer value, so just increment it by 1 each time you submit regardless of whether it’s a major or minor update. versionName isn’t used for anything except for displaying to users and it’s a string so you can name it whatever you want. For example, you could set it to 1.0.3 while versionCode might be 3. (http://developer.android.com/tools/publishing/versioning.html#appversioning)
http://schemas.android.com/apk/res/android”>
Create a keystore file and set a password. I won’t go into a lot of detail about how to actually do this. Just make sure you don’t lose this file. If you lose it, and you have to create a new one, then it will become a new app when you try to add it to the Google Play Store. (http://developer.android.com/tools/publishing/app-signing.html#cert)
Always use a different keystore file for each app because it’s your private key for uploading apps to the store. If you ever decide to transfer your app to another developer, you’ll have to give them the keystore file, and if you also use that keystore for other apps, then you have a security issue. (http://developer.android.com/tools/publishing/app-signing.html#secure-key)
Put the keystore file somewhere on your computer. It doesn’t really matter where.
Then you just need to tell ant where the keystore file is by going to your android project folder (For phonegap it’s in platforms/android) and create an ant.properties file and put the following in it:
key.store=/Users/username/Documents/path/to/my-release-key.keystore
key.alias=app_name
Where key.store equals the path to the keystore file starting at the C Drive, and key.alias is just whatever you want to call it for short. You’ll use the alias in the following commands.
Open up the command prompt, and navigate to your project and run phonegap build.
phonegap build android
in platforms/android/bin you should have:
AppName.ap_
AppName.ap_.d
AppName-debug.apk
AppName-debug-unaligned.apk
AppName-debug-unaligned.apk.d
Then navigate to the android directory and run ant release:
cd platforms/android
ant release
It will prompt you for your keystore password and the password for the alias ‘app_name’. Enter your keystore password for both of them.
In platforms/android/bin you should now also have release versions of the app:
AppName-release.apk
AppName-release-unaligned.apk
AppName-release-unsigned.apk
AppName-release-unsigned.apk.d
Now move into the bin directory:
cd bin
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore /Users/username/Documents/path/to/my-release-key.keystore AppName-release-unsigned.apk app_name
Update- According to a comment below, you won't get a warning at the next step if you use -sigalg SHA1withDSA -digestalg SHA1 instead of SHA1withRSA
Enter your keystore password
jarsigner -verify -verbose -certs AppName-release-unsigned.apk
If you get a warning like this ignore it: Warning: This jar contains entries whose certificate chain is not validated.
zipalign -v 4 AppName-release-unsigned.apk AppName.apk
it will say: Verification successful
And your final apk (AppName.apk) will be created in the bin directory.
(http://developer.android.com/tools/publishing/app-signing.html#releasemode)
Then you can upload to Google Play.
I hope this helps. Let me know if you have any questions.
http://www.adamwadeharris.com/sign-publish-phonegap-app-google-play-store-windows/