Using one keystore for my company diffrent customers?

Question

I have a company that develops different android applications for its different customers (each of them are a different company ) but almost all apps subject are same. For example android applications for different car firm companies.

Now, the question is that: Is it recommended that I sign this applications with same key, or for each company that ask an android application I should create a different key-store?

Thanks in advance,

Answer 1

I'd say that the answer is no.

I had the case, where after I had developed an application with a single keystore for multiple customers, one of them asked for the key, so that they could continue the devlopment in-house. The result was a giant mess. I would not wish that upon anyone.

Seting up different keystores is not that hard, and as I see it, besides the organization advantages, there is no other reasons to sign different apps with the same key, unless you have some elaborate lock-in strategy in mind.

TL;DR - Yes, use a seperate keystore for each one of you client companies.

Answer 2

You can store multiple aliases (with different passwords) into a single keystore. I recommend you to read Signing Strategies.