In order to install an Android application onto a device, you first need to sign the Android package (.apk file) with the digital signature of a certificate. The certificate, however, can be self-signed—you do not need to purchase a certificate from a certificate authority such as VeriSign.
Signing your application for deployment involves two steps. The first step is to generate a certificate using the keytool (or similar tool). The second step involves using the jarsigner tool (or similar tool) to sign the .apk file with the signature of the generated certificate. Note that during development, the ADT plug-in for Eclipse takes care of signing your .apk file before deploying onto the emulator. Moreover, the default certificate used for signing during development cannot be used for production deployment onto a real device.
Was this article helpful?