APK Signer

APK Signer Online — How to Sign APK Files Free

Complete APK signer guide — learn how to sign APK files using apksigner, jarsigner, or debug keystore. Free step-by-step APK signing tutorial for developers and testers. Sign APK without Android Studio.

Why Do APK Files Need to Be Signed?

Every Android app must be digitally signed before it can be installed. The signature serves several purposes:

  • Verifies the identity of the app developer
  • Ensures the APK hasn't been tampered with
  • Allows Android to match app updates with the original
  • Required for installing on all Android devices

Desktop Tool Required

APK signing requires command-line tools (JDK / Android SDK). This cannot be done in a web browser. Follow the guide below to sign APKs on your computer.

Method 1: Sign with apksigner (Recommended)

apksigner is Google's official APK signing tool, included in Android SDK Build Tools.

Step 1: Generate a Keystore

keytool -genkey -v -keystore my-release-key.jks \
  -keyalg RSA -keysize 2048 -validity 10000 \
  -alias my-key-alias

Step 2: Sign the APK

apksigner sign --ks my-release-key.jks \
  --ks-key-alias my-key-alias \
  --out signed-app.apk unsigned-app.apk

Step 3: Verify the Signature

apksigner verify --verbose signed-app.apk

Method 2: Sign with jarsigner (Legacy)

# Sign
jarsigner -verbose -sigalg SHA256withRSA \
  -digestalg SHA-256 \
  -keystore my-release-key.jks \
  app-unsigned.apk my-key-alias

# Verify
jarsigner -verify -verbose app-signed.apk

Step 4: Zipalign (Important!)

After signing, optimize the APK with zipalign:

zipalign -v 4 signed-app.apk aligned-app.apk

Debug Signing (For Testing)

For testing purposes, you can use the default Android debug keystore:

# Location of debug keystore:
# Linux/Mac: ~/.android/debug.keystore
# Windows: C:\Users\{USERNAME}\.android\debug.keystore

# Sign with debug key
apksigner sign --ks ~/.android/debug.keystore \
  --ks-key-alias androiddebugkey \
  --ks-pass pass:android \
  app.apk
Verify APK Signature Check APK Info

Related Tools

APK Verifier APK Info XAPK to APK AAB to APK

Signing Tools Comparison

apksignerjarsigner
V1 Signature
V2 Signature
V3 Signature
RecommendedLegacy

APK Signer — Frequently Asked Questions

Common questions about APK signing, keystores, and Android code signing

To sign an APK file, you need apksigner (recommended) or jarsigner: (1) Generate a keystore using keytool -genkey, (2) Sign the APK with apksigner sign --ks my-key.jks --out signed.apk unsigned.apk, (3) Verify the signature with apksigner verify signed.apk. You can also use the Android debug keystore for testing purposes. This is the standard way to sign APK without Android Studio.

While you cannot sign APK online securely (because APK signing requires your private keystore which should never be uploaded to any server), you can use our free APK signer guide to sign APK files on your local machine. Our step-by-step tutorial walks you through the entire process using Google's official apksigner and jarsigner tools. After signing, use our APK Signature Verifier to verify the signature online for free.

V1 (JAR Signing): The original Android signing scheme. Verifies each ZIP entry individually. Slower but widely compatible with all Android versions. V2 (APK Signature Scheme): Introduced in Android 7.0. Verifies the entire APK as a whole, providing faster installation. V3 (APK Signature Scheme v3): Android 9.0+, supports key rotation. V4: Android 11.0+, enables streaming installs. Use apksigner to support all schemes; jarsigner only supports V1.

To sign APK without Android Studio: (1) Install Java JDK 8 or higher, (2) Download Android SDK Build Tools which includes apksigner, or download the standalone bundled tool, (3) Generate a keystore: keytool -genkey -v -keystore my-key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias my-alias, (4) Sign: apksigner sign --ks my-key.jks --out signed.apk app.apk. This method works on Windows, Mac, and Linux without requiring the full Android Studio installation.

zipalign is an Android SDK tool that aligns uncompressed data within the APK on 4-byte boundaries. This optimization reduces RAM consumption when the app runs on a device. Important: If using apksigner, run zipalign BEFORE signing. If using jarsigner (legacy), run zipalign AFTER signing. Command: zipalign -v 4 input.apk output.apk. Google Play requires APKs to be zipaligned for submission.

About APK Signer — Complete APK Signing Guide

The APK Signer tool at xapktoapk.com is a comprehensive guide to signing APK files for Android distribution. Every Android application must be digitally signed with a certificate before it can be installed on a device. This ensures the app's authenticity and integrity throughout the distribution process.

Whether you're a developer preparing your app for Google Play Store submission, a tester who needs to sign a debug APK, or someone who needs to re-sign a modified APK, our guide covers all scenarios. We explain both modern (apksigner) and legacy (jarsigner) methods with complete command-line examples that work on Windows, Mac, and Linux.

Why Use Our APK Signer Guide?

  • Free & Comprehensive: Complete APK signing tutorial with no hidden costs
  • Interactive Command Builder: Generate the exact signing commands for your use case
  • Both Methods Covered: apksigner (recommended) and jarsigner (legacy) explained
  • V1, V2, V3, V4 Signatures: Understand all Android signing scheme versions
  • Integration with APK Verifier: Verify your signatures using our free APK Signature Verifier
  • Works Without Android Studio: Sign APK files using only command-line tools

After signing your APK, use our APK Signature Verifier to confirm the signature is valid, check the signing scheme version, and view certificate details. You can also use our APK Info Extractor to analyze the signed APK's metadata, permissions, and other details.

Part of the xapktoapk.com suite of 10 free Android tools including XAPK to APK Converter, AAB to APK Converter, APKS to APK Merger, and more.