CloudPOS SDK
  • CloudPOS SDK
    • EMV Develop Spec
    • Scanning Service Usage
    • API Specification
    • CloudPOS SDK AAR
    • Java API Samples
    • Permissions
    • Error code
    • MDB Communication Protocal
  • POS_Specs
  • FAQ
    • SDK Error Collection
      • Printer
      • PINPAD
      • Contactless Card
      • IC Card
      • MSR Card
    • Hardware/Repair
      • Recover a Tampered Terminal
      • Learning Tampered Events
      • Remotely Reactivate from Tamper
      • TF (Micro SD) Card Suggestion
      • Understand Tamper Reason
    • Printer
      • Verify Terminal Printer Status
      • Print Unsupported Character Sets
      • Use Terminal Bluetooth Printer
      • Print Images
      • Print QR Codes
      • Evaluate HTML Print Performance
      • Evaluate Print Performance
      • Print with TM T88IV
      • Replace HTML Print Font
      • Java API Printer Operations
      • Understanding Image Print Gaps
      • Print with JavaScript
      • Verify Printer Paper Status
    • USB/Serial Port
      • Install Terminal USB Drivers
      • Install UU Cable Driver
      • Reinstall Production Serial Drivers
      • Linux Serial Driver Installation
      • Serial Port Development
      • Add Linux Udev Rules
      • ReOpen Serial after Wake-up
      • Close Serial after Disconnect
      • Connect Accessory Mode
      • Detect UU Cable Connnected
      • Control Fan via Serial Port
      • List Connected USB Devices
      • Accessory Agent Service D22/Q3
    • Firmware
      • Update Firmware
      • Understand Firmware Naming
      • Compare Engineer/User Modes
      • Configure POS Home Settings
      • Configure POS System Settings
      • Prevent Accidental App Uninstallation
      • Troubleshoot "Agent Stopped" Error
      • Resolve Forgotten Lock Password
      • Utilize Q1 Buttons
      • Adapt Q1 4G
      • Customize Boot Logo/Animation
      • Set Wallpaper
      • Activate Startup Special Mode
      • Install Browsers
      • Understand Firmware External Access
      • Get Terminal Firmware Modes
      • Write Customer Serial Numbers
      • Enable Touch Screen Wake-Up
      • Set User System Properties
      • Enable and Disable MTP
      • Update POS WebView
      • Disable File Explorer for TF/Pendrives
      • Manage Screen On/Off
      • Disable notification badges
      • Scheduled Terminal Reboot Setup
    • Settings Menu
      • Perform Factory Data Reset
      • Understand Settings Menus
      • View Terminal Certificate List
      • Understand Merchant Self Test
      • Use Network Self-Test
      • Change System Language
      • Log in as Administrator
      • Change Administrator's Login Password
      • Update Terminal Time
      • Update Terminal Time Zone
      • Update Time Zone from IP
      • Enable Settings Menu Role Control
      • Update Role Passwords API
      • Disable Bluetooth/Wi Fi
      • Enable/Disable Auto Time Zone
      • Enable/Disable Automatic Time
      • Set Display Sleep
      • Grant Accessibility Permission Automatically
      • Disable Security Lock
      • Access Settings Sub Menu
      • Set Language API
    • Battery/Power
      • Understand Special Charging Indicator
      • Preserve Terminal Battery Life
      • Understand Q2 Low-voltage Shutdown
      • Understand Terminal Battery Performance
      • Understand Counter Mode
      • Turn Off Terminal API
    • SIM/Ethenet/WIFI
      • Disable POS Hotspot
      • Activate POS Hotspot
      • Retrieve Terminal IMEI Number
      • Retrieve Terminal MEID Number
      • Understand Modem Bands
      • Troubleshoot Terminal SIM Signal
      • Resolve SIM Network Issues
      • Troubleshoot Network Search Error
      • Check eSIM Status
      • Ethernet Connectivity Usage
      • Set Communication Mode
      • Troubleshoot USSD Issues
      • Set Preferred Network Type API
      • Add APN API
      • Set Static Ethernet API
      • Enable/Disable Mobile Data API
      • Set Network Operators API
      • Activate eSIM
      • Enable/Disable Ethernet
    • Certificate
      • Apply App Certificates
      • Renew App Certificate
      • App Installation Controls
      • Install CA Certificates
      • Clear Terminal Certificates
      • Understand Certificate Visibility
    • Card
      • Contactless Card Distance
      • NFC Buffer Size Understanding
      • Use Contactless CPU Card
      • Use Felica Card
      • Use Mifare Card
      • Understand PSAM Card Exceptions
      • Optimal Tap Positioning Guide
    • FingerPrint
      • Fingerprint Module Usage Guide
      • Fingerprint DPI Specifications
      • Fingerprint Data Formats
    • Other Development
      • New Android Studio Versions
      • Setup ANDROID HOME
      • App Signing Process
      • Install POS Applications
      • Create First Android App
      • Retrieve Terminal Logs
      • Resolve APK Signature Conflict
      • Obtain Unfiltered Full Log
      • Obtain Terminal Current Location
      • Use Terminal Camera
      • Get Test APKs
      • Learn ADB Commands
      • Get Advanced Demos
      • Import Java SDK in C
      • Obtain Signal Strength
      • Get D3 Demos
      • Learn Kiosk Mode
      • Block Status Bar API
      • Display Full-Screen API
      • Display Full Screen Android API
      • Disable Home Key
      • Capture Power Button API
      • Retrieve Terminal Info
      • Save Files Locally
      • Set Default Launcher
      • Get Firmware Version
      • Get Firmware&EMV Version
      • Implement TLSv1.3
      • Auto-Run Post-Install
      • Understand Secure Connections
      • Use AnyDesk
      • Export Database to SD
      • Migrate App to Q2Premium
      • Auto-Run App Post-Boot
      • Integrate Java SDK in Flutter
      • Call AIDL Interface
      • Connect wirelessly
      • Get POS SN
      • UPT development-related
      • Q3 PDA Terminal Barcode Scanner
    • Key Injection
      • Inject Test Keys Remotely
      • Understand DUKPT
      • Understand Master&Session Keys
      • Use TMK KeyLoader POS
      • Understand Remote Key Injection
      • Resolve Serial Timeout
      • Import TMK Error: 74496
    • PINPAD
      • PINPAD Configuration Summary
      • Customize PINPAD GUI
    • TMS/Wizarview
      • TMS Overview
      • TMS User Guide
      • Register Terminal to WizarView
      • Accept TMS File Downloads
      • Handle User Locked Status
      • Apply WizarView Account
      • Batch Import Terminals
      • Unbind App Configuration
      • Remove App via TMS
      • Understand Agent Error Codes
      • Understand TMS IP Ports
      • Understand Update Scenarios
      • Understand App Binding Types
      • Apply RMA Maintenance Account
      • Update Firmware Remotely
      • Push APK to Specific Device
      • Set Agent Working Mode
      • Manage APK Prompt Installation
      • Network Control in Agent
      • Push Apps Using Tags
      • Deploy AID/CAPK via TMS
    • EMV
      • What's Tag91
      • What's CAPK
      • Set Issuer Scripts
      • Resolve Detection Priority Conflict
  • Wizarview Open API
Powered by GitBook
On this page
  • APK Signature and Verification Process
  • How to sign APK
  1. FAQ
  2. Other Development

App Signing Process

PreviousSetup ANDROID HOMENextInstall POS Applications

Last updated 10 months ago

APK Signature and Verification Process

Standard Android System Requirements

  • Application Signing:

    • All applications must be signed before installation on a standard Android system.

    • For detailed instructions, refer to on application signing.

wizarPOS Terminal Specifics

  • Enhanced Signature Checks:

    • In addition to standard Android signature verification, wizarPOS terminals conduct additional checks using the root certificate chain.

    • Only APKs signed with the root certificate or a child certificate are permitted for installation.

  • Obtaining a Signing Certificate:

    • Developers must acquire a signing certificate issued by wizarPOS.

    • Refer to for instructions on applying for this certificate.

  • Importing the Certificate Chain:

    • After receiving the CSR reply from wizarPOS, import the certificate chain file into your keystore.

    • APKs signed with this keystore will be installable on wizarPOS terminals.

Development Mode Terminals

  • Relaxed Signature Requirements:

    • Terminals in development mode do not require the additional signature verification.

    • This allows for the use of ADB to install and debug Android applications in development mode.

Custom Certificate Chains

  • Terminal Control:

    • The certificate chain issued by wizarpos can be replaced with the terminal owner's own certificate chain.

    • This enables terminal owners to have full control over the applications installed on their terminals.

How to sign APK

Use IDE to sign APK

  • Click Build>Generate Signed Bundle/APK

  • Select APK

  • Choose keystore and input the info in the follow picture, click Next

  • Keep Default settings, set stored path of the signed APK, then click Finish

Use Android apksigner to sign APK(Highly recommend)

For Example: Sign an APK using release.jks, which is the only key in the KeyStore:

 $ apksigner sign --ks release.jks --out <out path>/<out name>.apk app.apk

Use command line tool to sign APK(Deprecated)

Run signature tool

In PC, run the follow command:

  • Use jks:java -jar <File Path>/SignatureTools.jar sign --keytype jks --apk <File Path>/<in name>.apk --out <File Path>/<out name>.apk --keystore <File Path>/<name>.jks --alias androiddebugkey --storepass wizarpos([Optional]) --sigAlg SHA1withRSA(SHA1withRSA/MD5withRSA/SHA256withRSA, [Optional]) --signatureScheme v1v2(v1/v2,[Optional]) --zipalign

Replace the real parameter value, and change the key password and store password to your real password.

For Example: java -jar SignatureTools_v2.5-81-g1e5b0ac sign --keytype jks --apk bcare_wallet_beta_andorid6.apk --out bcare_wallet_beta_andorid6_signed3.apk --keystore E:\...\XXX.jks --alias XXX--keypass XXX --storepass XXX --signatureScheme v1v2 --zipalign --quiet

  • Use pk8:java -jar <File Path>/SignatureTools.jar sign --keytype pk8 --apk <File Path>/<in name>.apk --out <File Path>/<out name>.apk --keyfile <File Path>/private_pwd.pk8(With or Without password) --certs <File Path>/cert.x509_pwd.pem --keypass android(Optional) --storepass android(Optional) --sigAlg SHA1withRSA(SHA1withRSA/MD5withRSA/SHA256withRSA, Optional) --signatureScheme v2(v1/v2)

Replace the real parameter value, and change the key password and store password to your real password.

Parameter
Value
Specification

--keytype

jks or pk8

The type of the keystore which used to sign the APK.

--keystore

The path of the jks key store file

It must be defined when using jks keystore

--keyfile

The path of the pk8 file

It must be defined when using pk8 file as keystore.

--apk

The file path of the apk before signed

The file path of the apk before signed

--out

The file path of the apk after signed

The file path of the apk after signed

--alias

Alias name of private key

Alias name of private key in jks file

--certs

Certificates file path

When keytype is pk8, this is the certificate chain

--storepass

Password of keystore file

Password of keystore file

--keypass

password of private key

password of private key in jks file or pk8 file

--sigAlg

SHA1withRSA or MD5withRSA or SHA256withRSA

signature algorithm

--signatureScheme

v1 or v2 or v1v2

signature scheme

--zipalign

apk zipalign

--quiet

suppress informational messages, only show warnings and errors.

Please refer to

Please read this .

WizarPOS provides a Java signature tool to help developers sign APK. You can use it on the command line. Please download the . Make sure you have JRE 1.6 or later installed on your PC.

Google's official resources
wizarPOSDevCertificateApplyGuide_en.pdf
Google Sign APP
apksigner tool
signature tool v2.5-81