Overview
Integrating third-party SDKs such as mapping services or social sharing platforms requires registering your application's package identifier and cryptographic fingerprints. This guide demonstrates the complete workflow for generating signing keys, configuring Gradle builds, and retrieving MD5, SHA-1, and SHA-256 certificate hashes.
Generating a Keystore
Create a new signing key through the build menu: Build → Generate Signed Bundle/APK. In the dialog that appears, select APK and proceed. Click Create New to open the keystore generation form.
Complete all required fields in the form:
- Key store path: Choose a secure location for your
.jksor.keystorefile - Password: Create a strong password for the keystore
- Alias: Assign a unique identifier for your signing key
- Key password: Set a distinct password for the private key (may match the keystore password)
- Certificate details: Provide at least one piece of identity information (e.g., organizational unit or location)
After completing the wizard, Android Studio generates a release-ready APK signed with your new certificate.
Configuring Module-Level Signing
Manual keystore creation alone doesn't automate the signing process. Add a signingConfigs block to your module's build.gradle file:
android {
signingConfigs {
release {
keyAlias 'myappalias'
keyPassword 'keypass456'
storeFile file('D:/securekeys/myapplication.jks')
storePassword 'storepass789'
}
}
buildTypes {
release {
signingConfig signingConfigs.release
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
}
This configuration validates your ownership during compilasion by matching the provided credentials against the keystore file. Apply the configuration to your release build type as shown above.
Build Variant Selection
Configure the active build variant through the Build Variants tool window. Select release to sign with your custom configuration or debug to use the default debug keystore.
Note: Android Studio automatical generates a debug keystore if no explicit debug signing configuration exists. Always rebuild your project after modifying signing settings to ensure changes take effect.
Common Configuration Errors
Incorrect signing parameters produce specific error messages:
- Invalid alias: Results in "Keystore was tampered with, or password was incorrect"
- Wrong keystore password: Triggers "Cannot recover key" exception
- Mismatched key password: Causes "Failed to read key" error
These errors prevent the selected build variant from compiling until resolved.
Retrieving Certificate Fingerprints
Use the keytool utility from the Java Development Kit to extract certificate information. Execute this command in a terminal:
keytool -list -v -keystore "D:\securekeys\myapplication.jks"
When prompted, enter your keystore password (characters won't echo to the screen). The command outputs comprehensive certificate details including:
Certificate fingerprints:
MD5: A1:B2:C3:D4:E5:F6:7A:8B:9C:0D:1E:2F:3A:4B:5C:6D
SHA1: AA:BB:CC:DD:EE:FF:11:22:33:44:55:66:77:88:99:00:AA:BB:CC:DD
SHA256: A1:A2:A3:A4:B1:B2:B3:B4:C1:C2:C3:C4:D1:D2:D3:D4:E1:E2:E3:E4:F1:F2:F3:F4
The SHA-1 value typically serves as the application signature for most third-party service registrations, though modern services increasingly require SHA-256.
Studio-Assisted Configuration
Avoid manual Gradle editing by using Android Studio's graphical interface:
- Right-click your project module and select Open Module Settings
- Navigate to the Signing tab
- Click the + icon to add a new signing configuration
- Populate the fields with you're keystore details
- Click OK to automatically generate the
signingConfigsblock
This method reduces syntax errors and validates file paths immediately.