How to sign any jar or apk file?

For protecting any apk file in Envelope, we need to sign this apk file before it can be installed on any android device.

Following are the steps to sign any apk or jar file-

A. Create a key store:

1) Open an Administrator Command Prompt and go to ‘java\jre\bin’ directory
2) Now enter the following command to generate a new keystore- keytool -genkey -alias <alias name> -keyalg <algorithm> -keystore <path to save keystore> -keysize <size>
Example: keytool -genkey -alias MyKey -keyalg RSA -keystore “c:\key.keystore” -keysize 2048
3) Now it will ask for a password for keystore. Set any password here. Size should be atleast 6 characters.
4) Few questions will be there. Enter the answers to these questions and then enter ‘y’ to confirm
5) Now set a password for the key created in the keystore. Press enter directly to use the same password as set for keystore

This will create a keystore in the location specified. (c:\key.keystore)

B. Signing the apk/jar with this keystore:
1) Go to location “java\jdk\bin’ in Administrator Command Prompt
2) Enter the following command-
jarsigner –verbose –keystore <path to keystore> -storepass <password of keystore> -keypass <password of key> <path to unsigned jar/apk> <alias name>
Example: jarsigner –verbose –keystore “c:\key.keystore” –storepass 12345678 –keypass 12345678 “c:\android\bounce.apk” MyKey

This will sign the apk/jar file.