LiveCode LessonsHow To - LiveCode Mobile Tasks Android TasksHow do I Create a Self-Signed Certificate for an Android App?

How do I Create a Self-Signed Certificate for an Android App?

This lesson describes how to create a self-signed certificate for your Android application. Variations between Apple Mac and Windows are discussed and screen captures are provided.


The Android release system requires that all applications installed on user devices are digitally signed with certificates whose private keys are held by the developer of the applications. The certificates allow the Android system to identify the author of an application and establish trust relationships between developers and their applications. The certificates are not used to control which applications the user can and cannot install.

Locating Keytool

Locating Keytool

Keytool is a key generation application that is made available through your Java SDK installation. You should be able to access the tool using a Terminal on your Mac or through the Command Prompt on your Windows machine.

The location of keytool is included in the directory search path on standard Mac installations but may have to be configured on Windows machines.

You can typically find the keytool application in the following or similar location under windows: C:\Program Files\Java\jdk1.6.0_24\bin\, if you followed the default installation process. You can either run keytool.exe from this location or add the relevant path to your search paths.

To add the path to your existing search paths, open your Control Panel and navigate to System and Security -> System -> Advanced system settings. This opens the System Properties window with the Advanced tab. Select Environment Variables... to open the Environment Variables window. Then select Path from the System variables panel and select Edit... . This opens the Edit System Variable dialog in which you can add the new path to the existing list of search paths. Make sure that you separate each new path with a semicolon, as is shown in the figure of this step.

Creating the Key

Open your Terminal or Command Prompt and execute the command keytool. If the application is found, it is executed and a list of the available command line options is returned. This provides you with information on how you can configure the key generation process. The following example should allow you to generate an appropriate key:

keytool.exe -genkey -v -keystore release.keystore -alias TicTacToe -keyalg RSA -keysize 2048 -validity 10000

The application is interactive and command line driven, requesting that you enter a number of parameters. Do not worry if you make mistakes when entering parameters, you can enter them again.

Once you have created your key, it is stored in a .keystore file with its location shown at the end of the output, generated by the keytool. You should make a copy of your .keystore and keep it and the passwords in a safe place.

Note: -alias TicTacToe is specific to an application that is being signed in a latter lesson. You may want to change this to something that is more meaningful to the application you are working on.

Note: The Android website: has a lot of information and recommendations on how to create your private key. It is strongly recommended that you review that information in addition to what is covered in this lesson.

Once you have a working key, go to lesson: How do I Create an Android App for Distribution? to find out how to sign your application.


Jacqueline Landman Gay

Just for reference: If you are on a Mac, use "keytool" as the command, not "keytool.exe". Also, if your app is more than one word, you must enclose the alias name in quotes or the shell command will hang.

Simon Asato

On Win7 the ..\Java\jdk1.7.0_07\bin folder is read only and will not allow you to write the .keystore file.
Give yourself "...User\..." full control in the Security settings.


@Simon Asato:

That is not the right way to do it. Better keep the permissions of the folder intact and start the tool from a location you do have access to.
For example:
Create a folder in your "My Documents", and use the full path to "keytool". The key wil be saved in the current directory.



how run zip align tool our .apk from command line

Hanson Schmidt-Cornelius

Hi Nouman,

zipalign is used by LiveCode but is not something we explicitly support for users to interact with. If you would like to get more information on this, then please refer to the relevant help page at:

Kind Regards,


Little Tiny Fish

This walk through was incredibly helpful. Thank you so much for setting it up.

Richard, I was a little confused about what you were saying, but I figured it out. Basically you're saying instead of using the command:
"-keystore release.keystore"

you can change the path by using:
"-keystore c:\MY\PATH\HERE\release.keystore"


Hi, perhaps we need an additional lesson on how to use the upload key certificate when you try to update your app on the Google Play store, because then it is not accepting the signed updated APK anymore when using the same keystore file.

Elanor Buchanan

Hi Jerry, are you getting an error when you update your app on the Google Play store? If so could you let us know what it is so we can look into this.



Add your comment

E-Mail me when someone replies to this comment