Generate an Android Keystore
This guide covers generating an Android signing keystore and uploading it to Oore CI.
What you need
- Role: developer, admin, or owner
- Java
keytool(included with JDK) or Android Studio - A pipeline configured for Android builds
1. Generate the keystore
Using keytool (included with any JDK installation):
bash
keytool -genkey -v -keystore my-release-key.jks \
-keyalg RSA -keysize 2048 -validity 10000 \
-alias my-key-aliasYou'll be prompted for:
| Prompt | Description |
|---|---|
| Keystore password | Password to protect the keystore file |
| Key password | Password for the specific key (can be same as keystore password) |
| Name/organization fields | Certificate identity information |
WARNING
Store your keystore file and passwords securely. If lost, you cannot update apps signed with this key on the Play Store. Google recommends using Play App Signing for production apps.
For the full Android documentation on keystores, see Sign your app - Android Developers.
2. Upload to Oore CI
- Open your project in the web UI
- Go to Pipelines and select the pipeline
- Open the Signing tab
- Under Android Signing, click Configure
- Upload the
.jksfile - Enter:
- Keystore password
- Key alias (e.g.,
my-key-alias) - Key password
- Click Save
The keystore and passwords are encrypted at rest using AES-256-GCM.
3. Verify
Trigger a build. The runner uses the uploaded keystore to sign the APK. Download the artifact and verify:
bash
apksigner verify --print-certs my-app-release.apkAPI endpoint
PUT /v1/pipelines/{pipeline_id}/android-signingSee Pipelines API — Android Signing.