Can I re-sign an .apk with a different certificate than what it came with?

If I have an apk can I remove the current signing and some how re-sign it with a different .keystore file and still have the application install?

Update: I managed to get it to work with Jorgesys' solution and where I messed up before was that I unzipped the .apk then rezipped it after removing the META-INF folder and changed the file extension back into .apk. What I should have done is simply opened it with winzip and delete the folder inside of winzip.


Solution 1:

try this

1) Change the extension of your .apk to .zip

2) Open and remove the folder META-INF

3) Change the extension to .apk

4) Use the jarsigner and zipalign with your new keystore.

hope it helps

Solution 2:

If you are looking for a quick simple solution, you can use Google's apksigner command line tool which is available in revision 24.0.3 and higher.

apksigner sign --ks release.jks application.apk

You can find more information about apksigner tool, at the developer Android site.

https://developer.android.com/studio/command-line/apksigner.html

Or, alternatively, you may use an open-source apk-resigner script

Open Source apk-resigner script https://github.com/onbiron/apk-resigner

All you have to do is, download the script and just type:

   ./signapk.sh application.apk keystore key-pass alias

Solution 3:

Note if you use v2 signing schema (which you will automatically if you use build-tools 24.0.3+ in AS) you cannot just remove the META-INF folder from the APK since v2 adds its signing data to a zip meta block.

Google's new apksigner introduced in build-tools 24.03 (Android 7) is however able to resign APKs. You can just repeat the signing command to sign with a new keystore/cert (the old ones will be removed).

apksigner sign --ks keystore.jks signed_app.apk

Shameless plug: if you want a easier tool that can sign multiple apks and has better log output use: https://github.com/patrickfav/uber-apk-signer (uses Google's apksigner.jar in the background)

Solution 4:

zip -d my_application.apk META-INF/\*
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
zipalign -v 4 your_project_name-unaligned.apk your_project_name.apk