Is PG 3.0+ supposed to create a signed application package?

Question

I've built several Android apps using pre-3.0 PhoneGap, all requiring the use of Eclipse to compile. In Eclipse I can export a "signed application package" complete with passwords and keystore file. But in PG 3.0 with CLI, the apk file is built with "cordova build android" and the resulting apk file in platforms/android/bin ends with "-debug.apk." Judging by the filename and the fact that I can't find a keystore file anywhere, appears to be employing a debug certificate.

Is PG 3.0+ supposed to create a signed application package, or am I supposed to open up Eclipse after all and create the signed version from there for the apk? I wonder if I'm supposed to add more lines to config.xml to make a signed app, but after searching and reading haven't been able to see any details on using the xml file for this purpose.

Does PG 3.0 stop with creating only a debug apk, and we then go to Eclipse to create the final apk?

Answer 1

Resource: http://www.intown.biz/2014/07/15/signing-your-cordova-android-app/

1. To create the signed apk via CLI, open the Terminal app.

2. Make sure your starting position is within your project’s root folder of /helloCordova and run:

keytool -genkey -v -keystore hellocordova.keystore -alias hellocordova -keyalg RSA -keysize 2048 -validity 10000

Answer the questions at each prompt. For 2-letter country code, look up this list: http://www.worldatlas.com/aatlas/ctycodes.htm

3. If any of the information is wrong, type the two letters to re-enter that information. For instance, cn to change your first and last name. Confirm the information by typing "yes".

4. Return if the password for the following information will be the same as the previous info (hit enter).

Your keystore file is saved at /helloCordova/hellocordova.keystore. Get the full path for use later: /Users//helloCordova/hellocordova.keystore (I grabbed my path by dragging the hellocordova.keystore file from the Finder window into the Terminal app.)

5. Open helloCordova/hellocordova.properties in a text editor.

6. Add two lines at the end (the file will be saved automatically):

key.store=hellocordova.keystore key.alias=hellocordova

7. Open helloCordova/platforms/local.properties in a text editor.

8. Add two lines to this file, even though it says, "This file is automatically generated. Do not modify this file - YOUR CHANGES WILL BE ERASED!"

key.store=/hellocordova.keystore key.alias=hellocordova

When run, the script will pause and you'll be prompted for the password twice and it will not be obfuscated.

9. In Terminal, run:

cordova build android --release

10. Your hellocordova-release.apk file, signed and zip-aligned, is put in /helloCordova/platforms/android/ant-build (check your Projects view window). This is the file you upload to Google Play.

Answer 2

So far, so good ... But when it comes to have a build for (like) Google Play, you'd probably will want to run 'cordova biuld android --release' - using the '--release' option, right ? This is going to produce some apk with the naming scheme '-release-unsigned.apk'.

Then after signing it with 'jarsigner' the name of the apk still remains.

Thus I assume, one has to rename it manually before uploading it to the AppStore.

So: 1st build it with '--release' option. 2nd sign it. 3rd rename it. 4. upload it

Correct?