Free Trial
Contact Us

Knowledge Base

Knowledge BaseCode Signing

How Do You Create a Self-Signed Certificate for APK Files?

Updated on January 2, 2026

Android Package Kit (APK) files signing requirements 

Overview: 
This guide provides the step-by-step process for creating a self-signed certificate with a validity period of at least 25 years for signing Android Package Kit (APK) files. This ensures compliance with Android’s signing requirements 

Self- signing of Android Package Kit (APK) files  

Signing Android Package Kit (APK) files requires the use of a certificate with a validity period of at least 25 years. 

Public Certificate Authorities (CAs) do not issue certificates of such a lifetime. Thus, a public CA code signing certificate is not required for signing the APK files. 

A self–signed certificate with a minimum of 25 years validity period can be created. 

Prerequisites 

Before you begin, ensure you have the following: 

  • Java Development Kit (JDK) installed on your system. 

  • Access to the keytool.exe utility (included with JDK). 

  • A secure location to store the keystore file. 

 

Procedure 

To create a self-signed certificate, follow the below steps: 

Step 1: Open Command Prompt 
Launch the Command Prompt or terminal on your development machine. 

Step 2: Run the Key tool Command 
Enter the following command to generate a keystore and self-signed certificate: 

keytool.exe -genkey -v -keystore keystore.jks -alias Android -keyalg RSA -keysize 2048 -validity 20000 

 

Explanation: 

  • keystore keystore.jks: Specifies the keystore file name. 

  • alias Android: Sets the alias for the key. 

  • keyalg RSA: Uses RSA algorithm for encryption. 

  • keysize 2048: Defines the key size. 

  • validity 20000: Sets the certificate validity to 20,000 days (~54 years) 

Step 3: Provide Required Details 
When prompted, enter details such as your name, organization, and location. 

Step 4: Secure the Keystore 
Store the generated keystore.jks file in a secure location for future APK signing. 

 

Verification 

To confirm the process was successful: 

  • Check that the keystore.jks file exists in the specified directory. 

  • Use the command key tool -list -keystore keystore.jks to verify the alias and certificate validity. 

 

Android dev resources: 

 

 

Related Articles:  

Tags: 

Need help?

Need help making a purchase? Contact us today to get your certificate issued right away.

Live chat

Click the button below or click "Chat with an Expert" to start chatting with us now!

Start Chat

Call us today

United States
+1 888 266 6361
France
+33 3 66 72 95 95
Italy
+39 02 4792 1708
Spain
+34 900 838 451
Germany
+49 800 1002328
International
+1 914 732 844

Resources