Android APK Certificates - what fields are required and what if that info changes?

Android, Certificate, Apk, Signing

Android Problem Overview


This seems pretty basic but I can't find the info I'm looking for anywhere, particularly with regard to Android apps.

I am creating my release key (self-signed) and I am asked for lots of info:

  • First and Last Name: (OK; not likely to change)
  • Organizational Unit: (Is this one's "business name"?)
  • Organization: (How's this different from the "Unit" above?)
  • City or Locality: (This may change...)
  • State or Province: (Also may change...)
  • Country Code (XX): (OK; not likely to change)

With that in mind, I've got two basic questions about self-signed certificates used to distribute Android apps:

  1. On creation, can I leave any of these fields EMPTY, particularly the ones that are likely to change? Or is that forbidden? (The big question.)
  2. What if I want to change a given field later? Does that mean creating a new key and having everyone reinstall the app to ever upgrade again, even if I have the original key? (Seems to be the case, judging by what little I have found.)

Thanks in advance!


Edit: More info on #1 above: if this is anything like SSL certs, then the Name, Organization and Country should be sufficient. But IS that the case? Pros and cons of leaving any/all the other fields blank? I can't be the only one who's wondered about this in terms of apps... and the Android docs I've read so far aren't helping clarify this.

For #2, it appears that changing the certificate means regenerating it, and signing with that new cert doesn't avoid the Market problem (it's like a whole new app, even if you sign with both the new AND old certs). So it's all the more important to get it right (yet sufficiently generic in case you move) the first time you sign the app.

Android Solutions


Solution 1 - Android

The contents of these fields are actually pretty irrelevant and are not generally seen by anyone other than you. You can leave empty fields wherever keytool will allow without consequence later.

Once you sign an apk with a keystore and upload it to the Android Market, you cannot sign that same package with another keystore. This is obviously done to prevent someone else from replacing your app with another.

For my keystore I put my personal information in it, set the expiration date for 999 years in the future and keep it safe and backed up.

Solution 2 - Android

To strictly answer the question about which fields are optional: actually, all fields are optional. The only requirement is that you provide at least one (even if it's just the country code).

Here's Android Studio's explanation: [Image: Android Studio displaying an error message]

It reads:

> At least one Certificate issuer field is required to be non-empty

Sure enough, with some testing, I confirmed that only one field is required.

As answered by Michael, once your app is published, you can never change it.
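The following shell functions are an added example, not part of the original question or answers: they build a keytool `-dname` string from only the fields you choose to fill in and reject the all-empty case that Android Studio's message describes. The function names, the sample values and the 10000-day default validity are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original answers): create a release key whose
# certificate carries only the fields you expect to stay stable.

# escape_rdn VALUE: backslash-escape commas, which keytool requires in -dname values.
escape_rdn() {
    printf '%s' "$1" | sed 's/,/\\,/g'
}

# build_dname CN OU O L ST C: print "CN=..., C=..." and skip every empty field.
# Returns 1 when all six are empty, since at least one field must be non-empty.
build_dname() {
    dn=""
    for key in CN OU O L ST C; do
        val=${1-}
        [ $# -gt 0 ] && shift
        [ -n "$val" ] || continue
        dn="${dn:+$dn, }$key=$(escape_rdn "$val")"
    done
    [ -n "$dn" ] || { echo "at least one certificate field must be non-empty" >&2; return 1; }
    printf '%s\n' "$dn"
}

# make_release_key KEYSTORE ALIAS DNAME [DAYS]: generate a self-signed RSA key pair.
# keytool prompts for the keystore password, so no secret lands on the command line.
# The 10000-day default validity is a constructed value; pass DAYS to override it.
make_release_key() {
    command -v keytool >/dev/null 2>&1 || { echo "keytool not found (install a JDK)" >&2; return 127; }
    keytool -genkeypair -keystore "$1" -alias "$2" -dname "$3" \
        -keyalg RSA -keysize 2048 -validity "${4:-10000}"
}

# show_cert KEYSTORE ALIAS: print the certificate details (Owner is the DN you chose).
show_cert() {
    keytool -list -v -keystore "$1" -alias "$2"
}

# Constructed sample: fill in only name and country, leave the other four empty.
DN=$(build_dname "Jane Developer" "" "" "" "" "US")
echo "$DN"
# To create and inspect the key:
#   make_release_key release.jks release "$DN" && show_cert release.jks release
```

Back up the resulting keystore file and its password together: as the answers note, a published app can only be updated by signing with that same key.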

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

| Content Type | Original Author | Original Content on Stackoverflow |
| --- | --- | --- |
| Question | MartyMacGyver | View Question on Stackoverflow |
| Solution 1 - Android | Michael Pardo | View Answer on Stackoverflow |
| Solution 2 - Android | Paul Lammertsma | View Answer on Stackoverflow |