Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Obtaining a signing certificate for Android apps

Updated on March 3, 2022

Guarantee that the code and updates of your mobile app come from a legitimate source by creating a signing certificate for the Android certificate set that is required to generate an installation package for your Android app.

Before you begin: Ensure that you have access to the Java Keytool utility by downloading and installing a version of Java Runtime Environment (JRE) or Java SDK.
You generate a signing certificate with the Java Keytool command line utility that manages keys and certificates. The certificate guarantees that the code and updates of your app come from a legitimate source. The certificate is stored in a .p12 file that you upload to an Android certificate set in Pega Platform.
  1. Open your preferred terminal tool.
    For example: For Windows, open the Command Prompt application.
  2. At the command prompt, enter and confirm the following command with variables that match your system configuration: <directory with your Java version installation>\bin\keytool -genkey -v -keystore <target path and name of the certificate>.p12 -alias <unique identification of the certificate in the keystore> -keyalg RSA -keysize 2048 -storetype PKCS12 -validity <number of days for which the certificate is valid>
    Note: The minimum certificate validity for app distribution through Google Play is 25 years.
    For example: Create a uPlusExpensesCertificate.p12 file in the C:\mobile-certificates\ directory, with a certificate size of 2048 bits, and certificate validity of 10000 days. For Windows, with JRE installed in C:\Program Files\Java\jre1.8.0_202 and with C:\ as the active terminal directory, enter the following command:

    "Program Files"\Java\jre1.8.0_202\bin\keytool -genkey -v -keystore mobile-certificates\uPlusExpensesCertificate.p12 -alias uPlusExpenses -keyalg RSA -keysize 2048 -storetype pkcs12 -validity 10000

  3. At the password prompt, set and confirm the password for the keystore.
    Important: This password is required in the Android certificate set in Pega Platform.
  4. Optional: To include additional information about the certificate ownership, provide answers to the questions in the terminal:
    1. For every question that you want to answer, enter your response, and then confirm by pressing the Enter key.
      You can skip a question and continue to the next entry by leaving the entry blank and then pressing the Enter key.
      Result: After the last question, the terminal displays a summary of your entries.
    2. If the entries in the summary are incorrect, enter no, press the Enter key, and then repeat step 4.a.
    3. If the entries in the summary are correct, enter yes, and then confirm the data by pressing the Enter key.
Result: The Java Keytool utility creates the .p12 file with your certificate in the location that you specified. You can upload the file to an Android certificate set in Pega Platform.
For example: A mobile app developer obtains a signing certificate for the Android certificate set that is required to generate an installation package for the Android expense reporting app.

Certificate creation with the Java Keytool utility
Terminal commands in Windows Command Prompt that create a P12 certificate file for mobile use.

    Have a question? Get answers now.

    Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

    Did you find this content helpful?

    Want to help us improve this content?

    We'd prefer it if you saw us at our best.

    Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

    Close Deprecation Notice
    Contact us