Build production give me debug.apk

Hi all.
I finish my f7+vue app for Android, everything works fine in debug.apk so I want to make final production apk but after “npm run build-prod-cordova” it still give me debug.apk in debug folder.

Framework7 CLI doesn’t create signed production APK, you need to do it by your self. There were a lot of similar topics here on forum how to do it, even more if you google it :slight_smile:

I signed apk successfully via jarsigner and zipalign. And still got the message.

" You uploaded an APK or Android App Bundle with invalid or missing signing information for some of its files. You need to create a valid signed APK or Android App Bundle. Learn more about signing."

I sign apk via terminal, everything says it successfully, but no luck on google-console. Then I try this program made configuration, its say all done successfully but again no luck on google play.

I published last application successfully that I build in vanilla js + Cordova. But with framework7 can’t get signed (prod) apk. Is there some data in json or xml that I need to change before building apk?

it confuses me. Last time I build apk directly with Cordova and get prod-unsigned.apk. But here with f7 I get debug.apk, it feels wrong that I must use debug.apk, and why is there “npm run build-prod-cordova” in “next steps” on first creating project if f7 can’t make production version.

I’m sad that I get stuck now when 99,9% job is done.

If you have created your project thru F7 CLI, then:

Enter in “cordova” directory

(Here I’m assuming you already have your key to sign – otherwise, google it :wink: )

Once you have your key, make the build

cordova build --release

It will generate your APK to production (but not signed yet).

Terminal will tell where your apk is (usually “platforms\android\app\build\outputs\apk”). Copy it to the same folder where you have your certificate.

Then sign:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore your-generated-key-file.keystore app-release-unsigned.apk your-key-name

Last, use zipalign to make everything finished

zipalign -v 4 app-release-unsigned.apk final-name.apk

I know it sounds complicated (it took me a lot of time and reading to figure it out), mas it isn’t after all rs.

Hope it helps


I usually do it within Android Studio

1 Like

Thank you so much.
“cordova build --release” work good.
After finishing sign-in through jarsigner and zipaligner google-play accept apk.

I’m trying to sign the apk…
I’ve made the key with:

keytool -genkey -v -keystore /my_key_store_location/my-release-key.keystore -alias the_alias -keyalg RSA -keysize 2048 -validity 10000

Then I use the jarsigner as show:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore your-generated-key-file.keystore app-release-unsigned.apk your-key-name

But it send me the warning:

The signer’s certificate is self-signed.

I’m not sure if i’m doing the things in the right way…
I think the signing process is very important and needed for future upgrades i don’t want to do it bad.
I’ve read too about the Android App Bundle instead of apk file, and i dont know how to generate this with Cordova… Google Play saids in august 2021 the aplications must be in Android App Bundle format

Thanks for help

As show here:

This line create the Android App Bundle (.aab) signed file:
cordova build --release -- --keystore=path_to/my-release-key.keystore --storePassword=password --alias=alias_name --password=password --packageType=bundle

This the unsigned one:

cordova build --release -- --packageType=bundle

You can ignore the warning. You are signing your project(in this case) with your keystore. That is what this warning is telling you

1 Like

Othet solution