I am wondering which is the more popular option: having 1 keystore to sign all the apps you publish, and duplicating that keystore into the cloud and locally to keep it safe, or generating a new keystore for every new app submitted, and keeping copies of all of them?
It seems easier to have 1 keystore for everything, but despite duplicating it, I'm afraid of it getting corrupted and losing access to all of the apps.
What's the best approach for this situation?
So yes, you can use the same keystore to sign multiple apks, without a problem. You can also use the same alias (each alias is a certificate) to sign multiple apks, and it will work.
A keystore is a storage mechanism for security certificates. A public key certificate is used to sign an APK before deployment to services like the Google Play Store.
Signature of a keystore
Note that if you are using Play App Signing, your upload key may differ from the key used by Google Play to sign your app. In this case, you can find the app signature from the Google Play Console on the Release > Setup > App Integrity page.
Applications can be signed by a third-party (OEM, operator, alternative market) or self-signed. Android provides code signing using self-signed certificates that developers can generate without external assistance or permission. Applications do not have to be signed by a central authority.
If you use the same keystore, it will be easier to make your apps work together. By having them signed with the same key, you can use a shared UID (not really recommended), or use signature-based permissions. That would make it possible to export certain data or functionality and restrict access to your own apps only (using a ContentProvider or a remote service). The downside is that if you lose the key, you'll have to republish all apps.
If you use separate keystores, it's easier to transfer an app to someone else (give them keystore and password). Additionally, you need to re-publish only one app if you lose/corrupt the keystore.
Take your pick, but I'd say: use the same keystore and make lots of backups. I would also use physical media (CD, etc.) in separate locations, rather than the 'cloud', but that's your choice too.
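The signature-based permission setup mentioned in the answer above, shown as an added example that is not part of the original post. The package names, permission name, provider class and authority are hypothetical; both apps are assumed to be signed with the same key.

```xml
<!-- App A (exports the data): AndroidManifest.xml. All names are hypothetical. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.appa">

    <!-- protectionLevel="signature": the system grants this permission only
         to apps signed with the same certificate as the app declaring it. -->
    <permission
        android:name="com.example.appa.permission.ACCESS_SHARED_DATA"
        android:protectionLevel="signature" />

    <application>
        <!-- Exported so other apps can reach it, but every read and write
             requires the signature permission declared above. -->
        <provider
            android:name=".SharedDataProvider"
            android:authorities="com.example.appa.shared"
            android:exported="true"
            android:permission="com.example.appa.permission.ACCESS_SHARED_DATA" />
    </application>
</manifest>

<!-- App B (consumes the data): AndroidManifest.xml, signed with the same key. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.appb">

    <!-- Requested like any other permission; granted at install time
         because the signing certificates match. -->
    <uses-permission
        android:name="com.example.appa.permission.ACCESS_SHARED_DATA" />

    <!-- Package visibility declaration needed on Android 11 and later. -->
    <queries>
        <provider android:authorities="com.example.appa.shared" />
    </queries>
</manifest>
```

An app signed with a different key can declare the same `uses-permission`, but the system does not grant it, so its calls to the provider fail with a `SecurityException`. This is also why losing a shared key affects every app that relies on the permission.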