How do I verify that an Android apk is signed with a release certificate?
AndroidApkAndroid KeystoreAndroid Problem Overview
How can I check that an Android apk is signed with a release and not debug cert?
Android Solutions
Solution 1 - Android
Use this command, (go to java < jdk < bin path in cmd prompt)
$ jarsigner -verify -verbose -certs my_application.apk
If you see "CN=Android Debug", this means the .apk was signed with the debug key generated by the Android SDK (means it is unsigned), otherwise you will find something for CN. For more details see: http://developer.android.com/guide/publishing/app-signing.html
Solution 2 - Android
Use console command:
apksigner verify --print-certs application-development-release.apk
You could find apksigner in ../sdk/build-tools/24.0.3/apksigner.bat. Only for build tools v. 24.0.3 and higher.
Also read google docs: https://developer.android.com/studio/command-line/apksigner.html
Solution 3 - Android
The easiest of all:
keytool -list -printcert -jarfile file.apk
This uses the Java built-in keytool app and does not require extraction or any build-tools installation.
Solution 4 - Android
Use this command : (Jarsigner is in your Java bin folder goto java->jdk->bin path in cmd prompt)
$ jarsigner -verify my_signed.apk
If the .apk is signed properly, Jarsigner prints "jar verified"
Solution 5 - Android
-
- unzip apk
-
keytool -printcert -file ANDROID_.RSA or keytool -list -printcert -jarfile app.apk
to obtain the hash md5
keytool -list -v -keystore clave-release.jks
- compare the md5
Solution 6 - Android
Run this command in Terminal - if you have Android Studio.
$ /Applications/Android\ Studio.app/Contents/jre/Contents/Home/bin/keytool -printcert -jarfile example.apk
Not a signed jar file
Solution 7 - Android
keytool -printcert -jarfile base.apk