10

Building a Signed APK for Android in Construct 3

Published 24 May, 2018
992 words
~4-7 mins

Construct 3 has its own mobile app build service, which can build your mobile apps for you. This feature is only available to subscribers. Android apps (APK files) must be signed before they can be published. This verifies that you are the publisher and that they have not been tampered with since you uploaded it. Here's how to get Construct 3 to build a signed APK for you.

PREPARE YOUR PROJECT

You might want to catch up on the tutorials supporting multiple screen sizes and touch controls to make sure your project is ready for use on mobile. It's also easy to test on mobile using Construct 3's Remote Preview feature.

EXPORT

Once you're satisfied your project works well on mobile and is ready to be exported, select MenuProjectExport and pick the Android (Cordova) option.

Make sure that you've filled in all of the project properties, including name, version, description and ID. If anything is missing, Construct 3 will give you a warning when you try to select Android as your export option.

When the Cordova options dialog appears, there are two drop-down menus: Min. version, which specifies which version of Android is the minimum requirement for your app, and Android build. For this export, you'll need to select Signed release APK as your Android build. If you're curious as to what the other build options do, have a read of this tutorial.

Once you've selected Signed release APK, you'll notice that a whole new set of options appears under Signing:

If you've already got a keystore file for the app you're building (let's say you just want to publish an update to a pre-existing Play Store app for example) you can press the Choose under keystore and import your file. You can also skip ahead in this tutorial!

If you don't have one, select Create to bring up a new dialog:

You'll need to fill in all of these details in order to generate your keystore. Once you've filled in the form, Construct will generate a keystore file for you and a window will pop up with a download link. You'll notice that this window is rather full of text. However, it is worth reading as it's pretty important:

If the image is a little small to read, it says:

Because your app signing key is used to verify your identity as a developer and to ensure seamless and secure updates for your users, managing your key and keeping it secure are very important, both for you and for your users. If you lose access to your app signing key or your key is compromised, Google cannot retrieve the app signing key for you, and you will not be able to release new versions of your app to users as updates to the original app.

When using the build service a copy of your keystore will be transferred to the build server temporarily, and deleted once the build has completed. Neither C3 or Scirra hold a copy of any keystore created or used by the build service. You must keep your keystore in a safe and secure place.

If you are worried about the possibility of losing your signing key, you can use Google Play App Signing. This makes use of 2 keys instead of 1; an upload key and a signing key. When you use this service the Play Store verifies the key you used to sign your game for upload, then it signs it a second time with the signing key that Google stores securely. If you lose your upload key, or if it is compromised, you can contact Google to revoke your old upload key and generate a new one. Because your app signing key is secured by Google, you can continue to upload new versions of your app as updates to the original app, even if you change upload keys.

You can find more information about signing Android applications at:

https://developer.android.com/studio/publish/app-signing.html

At the bottom of the window mentioned above is a very long string of characters highlighted in bold. This is your SHA-1 signature which you will need if you plan on using some services such as Google Play. Take this opportunity to write this down, screenshot it or whatever you need to. Otherwise, your only other way of retrieving this signature is through a command line tool in the Java Development Kit.

Now that you have a keystore you can return to the signing screen, select choose and import your keystore.jks file. As the name suggests, a keystore can hold more than one key, so the 'Key Name' field is for choosing which key you want to use. The ones that Construct generates only have one key, and it's up to you what you want to call it, but you'll need to use the same thing as you used for the 'Alias' field when creating the keystore. Bear this in mind!

Your project will now be sent to our build service. When your APK is built, a window will appear with a download link. Congratulations, you are now the proud owner of a fully signed APK for Android!

Publishing

You can now upload this APK to the Google Play Console. You'll need to register a Google Play Developer account if you don't have one already, which may also involve a fee.

From here onwards you're using Google's services, so it's best to refer to their official documentation. Take a look at the Google Play Console Help Center for further guidance.

All Contributors

  • Laura_D's avatar
    Laura_D
    Last edited 24 May, 2018
    ~6,216 chars in 3 edits
  • Ashley's avatar
    Ashley
    Last edited 6 Jun, 2018
    ~653 chars in 3 edits

Share this Tutorial

Make games in your browser

You may use this tutorial for any purpose (even commercial) if you properly attribute it. Click here for more information.