Signing Android APK with Apache Cordova

Signing Android APK with Apache Cordova

Martina Papaliska's photo
Martina Papaliska
·Feb 12, 2021·

2 min read

Subscribe to our newsletter and never miss any upcoming articles

Play this article

In order to submit an app to Google Play you need to sign the apk no matter what development framework you're using. In this article we'll see how to sign an apk using Cordova. Before starting we will assume that we have previously made all the necessary Cordova installations and added an android platform for our project.

Create a keystore file

First, we'll need to create the keystore file which is basically a binary file that can hold a set of keys. To create this file you'll need to go to the root of your project and run the command below:

keytool -genkey -v -keystore myapp.keystore -alias myappalias -validity 10000

The validity tag stands for the expiration of the key. After running this command you will see the myapp.keystore file at the root of your project.

Create a build.json file

The build.json file also needs to be created at root level and this is the place where we will store all the parameters needed for signing. The file needs to look something like this:

    "android": {
        "debug": {
            "keystore": "./myapp.keystore",
            "storePassword": "pass",
            "alias": "myappalias",
            "password" : "pass",
            "keystoreType": "jks"
        "release": {
            "keystore": "/myapp.keystore",
            "storePassword": "pass",
            "alias": "myappalias",
            "password" : "pass",
            "keystoreType": "jks"

Set version and package name

Next thing that we need to do is open the config.xml file at root level where we can set the version, version code and package name in the widget tag at the top of the file.

<widget android-versionCode="10" defaultlocale="en-US" id="com.example.myapp" version="1.0" ...>
  • versionCode is used only for calculations by Google Play and is not visible for users
  • id is the package name of your app
  • version is the version of your app that will be visible on Google Play

Building the app

The last thing that we want to do is build the app using the parameters that we defined in build.json. We will achieve that by adding the flag --buildConfig to the build command

cordova build android --release --buildConfig

This command will build a signed apk that you can upload to Google Play. The location of the apk will be written as an output of the command, but the correct location should be platforms/android/app/build/outputs/apk/release.

For more details on the installation, building and signing you can go to the official Cordova Android Platform Guide

Share this