Home » Android » How do I verify that an Android apk is signed with a release certificate?

How do I verify that an Android apk is signed with a release certificate?

Posted by: admin March 10, 2020 Leave a comment

Questions:

How can I check that an Android apk is signed with a release and not debug cert?

How to&Answers:

Use this command, (go to java < jdk < bin path in cmd prompt)

$ jarsigner -verify -verbose -certs my_application.apk

If you see “CN=Android Debug”, this means the .apk was signed with the debug key generated by the Android SDK
(means it is unsigned), otherwise you will find something for CN.
For more details see: http://developer.android.com/guide/publishing/app-signing.html

Answer:

Use console command:

apksigner verify --print-certs application-development-release.apk

You could find apksigner in ../sdk/build-tools/24.0.3/apksigner.bat. Only for build tools v. 24.0.3 and higher.

Also read google docs: https://developer.android.com/studio/command-line/apksigner.html

Answer:

Use this command : (Jarsigner is in your Java bin folder goto java->jdk->bin path in cmd prompt)

$ jarsigner -verify my_signed.apk

If the .apk is signed properly, Jarsigner prints “jar verified”

Answer:

The easiest of all:

keytool -list -printcert -jarfile file.apk

This uses the Java built-in keytool app and does not require extraction or any build-tools installation.