Create Keystore (Android Only)

The Android platform requires that all installed apps be digitally signed with a certificate whose private key is held by the application's developer as a way to identify the app's author. The certificate does not need to be signed by a certificate authority, it can use a self-signed certificate. (http://developer.android.com/guide/publishing/app-signing.html).

After a .keystore file is created, the next time the app is exported, the Use Existing Keystore option can be selected by clicking on the Browse button to select an app and then entering its password.

There are several ways to create a keystore:

  1. Use JDK
  2. Use Android Studio

Use JDK

If you are just using PhoneGap Build, use can creater an Android Keystore file using the Java Development Kit (JDK):

  1. If you have not already done so, download the Java Development Kit (JDK), double-click on the file and follow the instruction on how to install it.
  2. Open the command prompt from within Windows by typing command in the search field at the bottom of the screen:
    • Type cd.. and press the Enter key.
    • Type cd Program files and press the Enter key.
    • Type cd Java and press the Enter key.
    • Type cd jdk1.8.0_25 (or whatever is the later version) and press the Enter key.
    • Type cd bin and press the Enter key.
      TIP: You can also set up a system variable to avoid having to doing these steps.
    • Type the following syntax and change what is highlighted to your information:

      keytool -genkey -v -keystore Your_personal_file_title.keystore -alias Your_personal_alias -keyalg RSA -keysize 2048 -validity 10000

      keytool -genkey -v -keystore Chopinisms.keystore -alias Chopinisms_alias -keyalg RSA -keysize 2048 -validity 10000
  3. Enter your profile when prompted:
    1. key store password: mykeystore$500
    2. first and last name: Cornelius Chopin
    3. organizational unit: skip
    4. name of your organization: Rich Media Creative Services
    5. city: Round Rock
    6. state: Texas
    7. two letter country code: US
    8. is correct? yes
    9. key password: Press the Enter key to add the SAME password as keystore password mykeystore$500

This will create an Android Keystore file in the Java bin directory: (e.g., C:\Program files\Java\1.8.0_25\bin) with the name you gave it. You can activate it in whatever application you generate your Android apps in (e.g., build.phonegap.com).

IMPORTANT: If you get an <Access Denied> error, you have to set the permission on the Java directory:

    1. Navigate to the Java folder and right-click on it and select Properties from the content menu.
    2. Click the Security Tab at the top of the Java Properties dialog box
    3. Click the Edit... button and then click the Add... button in the Permission for Java dialog box that appears.
    4. In the "Enter the object names to select (examples):" text field, type the word everyone and then click the OK button.
    5. With Everyone select in the Group or user names list, select the checkbox to allow Full control and then click the OK button.
    6. Repeat steps i-ix above.

See the following YouTube video, if it is still available:

Android keystore access denied problem (solved)

Use Android Studio

You can also use Google Android Studio to create a keystore.
WHY: To generate a signed APK (not debug version) to be distribute to an app store. When you create a debug version of an app (either virtual or physical), a debug KeyStore file is created automatically.

  1. From the menu, select Build > Generate Signed APK.
    NOTE: To generate a signed APK, you will first need a KeyStore file which will be done in the next step.

  2. In the Generate Signed APK dialog box that appears, click the Create new... button.


  3. In the New Key Store dialog box that appears, click on the browse-to-file button denoted with three dots (...) and in the Choose key store dialog box navigate to where you want the file to be saved (e.g., the desktop is a convenient place) and give the file a name (e.g., myAppNameKeyStore) and then click the OK button.
    NOTE: Your should see the file name will an extension of jks.

  4. Back in the New Key Store dialog box, enter a password twice.
    NOTE: Save password in a safe and secure place.

  5. Type an alias.
    NOTE: This can be any string with no spaces and no special characters.

  6. Enter a password twice for the alias.
    NOTE: Again, save the password in a safe and secure place.

  7. Leave the Certificate Validity at its default value of 25 years.
  8. Enter your full name  or organization Unit or Organization.
  9. Enter City or Locality, State or Province and Country Code (XX).
  10. Click the OK button.


  11. To use the key store in the Generate Signed APK, enter the Key store password, the Key alias from the combo box and the Key password you created earlier. You can also click the Remember passwords checkbox so that each time you use the KeyStore file, you won't need to reenter the passwords.
    NOTE: If you click the Remember passwords checkbox, you want have to re-enter these values the next time.


  12. Click the Next button.
  13. In the Generate Signed APK, enter destination folder (e.g., desktop) for the APK file.
  14. Set Build Type to Release.
  15. Click the Finish button.
  16. After a while, in the Generate signed APK dialog box that appears, you should see the message "Signed APK's generated successfully."
  17. Click the Show in Explorer button or Show in Finder button to open the APK file or navigate to where you saved it.


  18. You can now submit this release version of the APK to the app store.

Use Android Studio

It is easy to create a .keystore file using Android Sudio.