How to Sign Apps: Difference between revisions

Revision as of 09:51, 28 April 2018

WizarPOS sign necessity

There are two mode of terminal:

production/user mode

In the production terminal, the public key of the signing private key of the apk will be checked, it should be issued by the app root public key. by default, there is default wizarpos root public key in the terminal. So you can request production public key to us for your keystore (which will be used to sign apk). The apply step is describe in the document wizarPOSDevCertificateApplyGuide_en.pdf.After get the response file from us, you should import the file to your keystore, then all the apk signed by this keystore can be installed to production terminal.

developing/engineer mode

The developing terminal do not check public key. It's for the developer to debug their app, so it has USB connection and adb.

Please notice, because of this difference, if your developing terminal switch to production terminal, all the application you installed in terminal, which is also not signed by above keystore, will be removed automatically. Of cause, the default wizarpos root public key can be updated to terminal owner's root public key in future. So the terminal owner can control there apk certificate by themselves.

@@ Line 1: / Line 1: @@
+== WizarPOS sign necessity ==
+There are two mode of terminal:
-The sytems of WizarPOS terminals are all Android system. In Android system, all the application should be signed before installed to terminal. The key used to sign apk is the private key of a RSA key pair in a keystore. So in the keystore, there is a key pair (private key/ public key) and the public key's certificates.
+* production/user mode
-Please refer to [https://developer.android.com/studio/publish/app-signing Google's resource] for detail.
+In the production terminal, the public key of the signing private key of the apk will be checked, it should be issued by the app root public key. by default, there is default wizarpos root public key in the terminal. So you can request production public key to us for your keystore (which will be used to sign apk). The apply step is describe in the document wizarPOSDevCertificateApplyGuide_en.pdf.After get the response file from us, you should import the file to your keystore, then all the apk signed by this keystore can be installed to production terminal.
-In the signed apk, the certificate relevant to the signing private key is included in the package.
+* developing/engineer mode
+The developing terminal do not check public key. It's for the developer to debug their app, so it has USB connection and adb.
-In the production terminal, the certificate of the signing private key of the apk will be checked, it should be issued by the app root certificate. But the developing terminal do not check certificate.
-by default, there is default wizarpos root certificate in the terminal. So you can request production certificate to us for your keystore (which will be used to sign apk). The apply step is describe in the document wizarPOSDevCertificateApplyGuide_en.pdf.
-After get the certificate from us, you should import the certificate to your keystore, then all the apk signed by this keystore can be installed to production terminal.
 Please notice, because of this difference, if your developing terminal switch to production terminal, all the application you installed in terminal, which is also not signed by above keystore, will be removed automatically.
+Of cause, the default wizarpos root public key can be updated to terminal owner's root public key in future. So the terminal owner can control there apk certificate by themselves.
-Of cause, the default wizarpos root certificate can be updated to terminal owner's root certificate in future. So the terminal owner can control there apk certificate by themselves.