Checking APK signatures

Most SDKs require the application to be signed with the correct signature. To find out what signature an APK file is signed with, you will need to use some extra tools that display the signature fingerprint.

Information about signature is specified in the build.gradle file. If you do not specify the signature explicitly, the default signature ~/.android/debug.keystore will be used.

Here are the ways you can check the signature.

Checking a signature via Android Studio

gradle signingreport

Command result:

The signature fingerprint is specified in SHA-256.

Checking a signature via apksigner

apksigner verify --print-certs -v example.apk

example.apk — your app.

Mac OS command result:

The Signer #1 certificate SHA-256 digest value is the signature fingerprint you are looking for.

Checking a signature via keytool

keytool -printcert -jarfile example.apk

example.apk — your app.

Mac OS command result:

The signature fingerprint is specified in SHA-256.

Checking push notifications

The signature fingerprint obtained using the above tools must match the fingerprint specified in the Draft Push Notifications - SHA-256 Signature Fingerprint.

tip

For more information on signatures, refer to official Google documentation.

Checking APK signatures

Checking a signature via Android Studio​

Checking a signature via apksigner​

Checking a signature via keytool​

Checking push notifications​

Checking a signature via Android Studio

Checking a signature via apksigner

Checking a signature via keytool

Checking push notifications