Android uses signatures in two places:
.apkin the firmware image must be signed. Android’s Package Manager uses an
.apksignature in two ways:
To replace an application, the new version must be signed with the same key as the old one.
If two or more applications share a user ID (to share data, etc.), they must be signed with the same key.
OTA update packages must be signed with one of the system keys or the installation process fails.
|Running an Android system signed with the test-keys publicly distributed is dangerous. It allows third party applications access to functionality reserved for system applications by signing them with the publicly available certificates.|
Digi Embedded for Android test-keys are under
When generating your images, the build system uses these test-keys.
This is a valid approach during development, but not for a final production release or for deployment as the keys are publicly known.
It is critical to sign your final artifacts with private release-keys that only you have access to.
Generate your release keys
A key consists of two files:
The private key, with extension
.pk8. It is protected by a password. You must kept it secret.
The certificate, with extension
.x509.pem. It is the public part of the key, so you can distribute it. Android uses it to verify the signature of an update package.
To generate your private release-keys, follow these steps:
Change to the directory where the source code is installed.
$ cd dea-11.0-r2
Create a directory to store the keys. For example, at your home directory
$ mkdir ~/android-certs
Define your organization’s information in a environment variable. For example:
Generate the release keys inside
$ for x in releasekey platform shared media networkstack; do \ ./development/tools/make_key ~/android-certs/$x "$subject"; \ done
Enter a password for every individual key once prompted.
Your certificate files (
.x509.pem) and encrypted private keys (
.pk8) are stored in
|You are responsible for storing and protecting the release keys. Loss of the private keys will result in not being able to sign artifacts with the affected keys.|