Signing Your Application with a Certificate

0
123

All applications must be signed before being updated to the Android Market. This enables consumers to identify and establish trust with a developer. The developer signs the certificate using a private key. The private key is different from the one you used during development. Typically, a key generally using ADT is only good for five years.

To create a suitable key in Flash Professional, go to File→AIR Android settings→Deployment→ Certificate and fill out every field. The publisher name will appear in the Android Market as you enter it. As before, make a note of the password, since you will need it when you compile your application. Choose Type 2048-RSA, Google’s recommended type.

The certificate must be valid for 25 years. The system only checks the certificate’s expiration date upon installation. If the certificate expires afterward, the application will continue working.

To create a suitable key using AIR ADT and the command line, use the following code, making sure to put your name and country in quotes:

AIR-sdk-path/bin/adt -certificate -cn “FirstName LastName” -c “US”
-validityPeriod 25 2048-RSA myCertificate.p12 myPassword

More information on this is available on the Android developer website, at http://developer.android.com/guide/publishing/app-signing.html.

When/if you later upgrade your application, you must use the same certificate, so keep it in a safe place.