1. Are you ready for the Galaxy S20? Here is everything we know so far!

why signing, unknown sources and how to sign

Discussion in 'Android Apps & Games' started by perik, Jul 4, 2013.

  1. perik

    perik Lurker
    Thread Starter


    I exported my processing sketch as a app. But are a bit confused with the signing

    Heres what I did (and maybe tutorial for others):
    1) In processing: File -> Export Android Project
    2) In Eclipse: File -> New -> Android -> Android Project from Existing Code
    3) select the project you exported from Processing (Root Directory) in the wizard
    4) doubleclick AndroidManifest.xml in the Package Explorer and change android:debuggable="true" to android:debuggable="false"
    5) mark the project in the Package Explorer
    6) FIle -> Export -> Android -> Export Android Application
    7) Create new Keystore and set location for export and choose password
    8) enter the key creation
    9) select the destination for the .apk and export

    Now I have created a .apk file

    My questions:
    1) Is my app signed? And how do I know that?
    2) Whats the point of signing? Is it possible to install without signing?
    3) I need to tick the checkbox in my phone for allow Unknown Source to install?4) And since the answer is Yes for the above question. Do I have to do this even though the app is signed?


    1. Download the Forums for Android™ app!


  2. Damoware

    Damoware Lurker

    Hi perik,

    You can check if your app is signed by running:

    jarsigner -verify MyApp.apk

    If it is signed, it should report "jar verified".

    Signing ensures that only you can release a new version of your app. An updated version of your app (which will have the same package name) can only be installed if it is signed by the same key as the older version of your app that is already installed. This stops some evildoer from creating an app with the same package name as your app and trying to get users to install it by fooling them into thinking it is just an update of an app they have already.

    The "Unknown Source" option allows APK files to be installed from places other than Google Play. This is not related to the signing of the app.

    Hope that helps a bit.
    Rxpert83 likes this.
  3. perik

    perik Lurker
    Thread Starter


    where do I find jarsigner then? inside eclipse somewhere?

    is there way to export and install an app (without putting it on the google play) so you dont need to have the Unknown Source checkbox checked?
  4. Rxpert83

    Rxpert83 Dr. Feelgood

    If it's going to be distributed outside of the play store, unknown sources will need to be checked during installation.

    You can always uncheck it again afterwards. :thumbup:

    As far as key signing, that's above my pay grade. We have a development sub forum that's better suited for people looking for answers when making their own apps.

    If you'd like, I or (any other staff member) can move this thread over there for you.
  5. perik

    perik Lurker
    Thread Starter

    okej. what do you mean?

Share This Page