Sign Releases with Cordova Android

The Cordova CLI

Since the Cordova CLI was introduced about a year ago, building and deploying Cordova apps for development has become incredibly simple and automatable. E.g. for Android:

$ cordova build android

and you can also run the app directly on the device / emulator

$ cordova run android
$ cordova emulate android

If you want to build a release version of an APK from the command line for production, this is also possible. However, this does not sign your release:

$ cordova build android --release

Here are the 2 methods I use / have used to achieve API signing for production / distribution. Don’t worry, neither of them use Eclipse!:

Android signing

Note: Before you can use either of these methods, you must have generated a private key, see Obtain a suitable private key on the Android Developer website.

Method 1

Use jarsigner directly

This is the method I used to use and it isn’t Cordova CLI specific (it’s part of the Java SDK build tools and this method is part of their standard documentation). After you have created your APK (cordova build android --release) you can run the following command:

$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore release_key_name.keystore app_name.apk alias_name

Jarsigner will prompt for the password and sign the APK.

Method 2 (best)

Part of the CLI workflow

This is now my preferred method and hooks directly into the cordova build android --release command.

Create an file in platforms/android/ with a keystore path and alias name:


The standard Cordova CLI release build process will now prompt for the password and automatically sign the APK, ready for upload to Google Play, or other distribution method. The APK will be created at platforms/android/ant-build/app_name-release.apk.

Happy release automation.