Fork me on GitHub

Signing your APK

This page describes how to set up a profile that will sign the Android application using Maven jarsigner plugin with a proper key store, rather then the debug one. This is the recommended way to sign your Android application when using Maven to build it.

A fully working application of signing, zipaligning and proguarding is available in the MorseFlash example application.


To enable signing you need to provide a key store path (in the keystore node below), a key alias (in the alias node below), and passwords for both the keystore and the key (in the storepass and keypass nodes respectively).

Include the following in the pom file. If you use a hierarchical project structure then the below should be located in the parent pom in order to sign all child poms with the same key.


To trigger the profile use e.g., the following command:

mvn install -Psign

The configuration will bind the jarsigner plugin to the package phase of the execution when enabled with the -Psign switch in the build. Rather then storing the passwords in clear text in your pom you can pass them to maven as arguments when you execute the command. Go to the jarsigner plugins documentation for information on how it works and how it can be configured.