How do I verify that an Android apk is signed with a release certificate?

android apk android-keystore

Use this command, (go to java < jdk < bin path in cmd prompt)

$ jarsigner -verify -verbose -certs my_application.apk

If you see "CN=Android Debug", this means the .apk was signed with the debug key generated by the Android SDK (means it is unsigned), otherwise you will find something for CN. For more details see: http://developer.android.com/guide/publishing/app-signing.html


Use console command:

apksigner verify --print-certs application-development-release.apk

You could find apksigner in ../sdk/build-tools/24.0.3/apksigner.bat. Only for build tools v. 24.0.3 and higher.

Also read google docs: https://developer.android.com/studio/command-line/apksigner.html


The easiest of all:

keytool -list -printcert -jarfile file.apk

This uses the Java built-in keytool app and does not require extraction or any build-tools installation.


Use this command : (Jarsigner is in your Java bin folder goto java->jdk->bin path in cmd prompt)

$ jarsigner -verify my_signed.apk

If the .apk is signed properly, Jarsigner prints "jar verified"

Related

How to get docker-compose to always re-create containers from fresh images?
How to host google web fonts on my own server?
"The certificate chain was issued by an authority that is not trusted" when connecting DB in VM Role from Azure website
How to use UTF-8 in resource properties with ResourceBundle
Python's most efficient way to choose longest string in list?
Check if string begins with something? [duplicate]
Get current folder path
Creation timestamp and last update timestamp with Hibernate and MySQL
Prevent the keyboard from displaying on activity start
Get form data in ReactJS
Sticky and NON-Sticky sessions
WAMP error: Forbidden You don't have permission to access /phpmyadmin/ on this server