Why do you want to sign???
With so many people developing Android, it's entirely possible that we all put the class name, the package name, in the same name, how do you differentiate it? Signature is a distinguishing function.
Since the developer may be confused by using the same package name to replace the installed program, the signature can guarantee a considerable name, but the signature of different packages is not replaced.
APK If you use a key signature, a file signed by another key when it is published will not install or overwrite the old version, preventing your installed app from being overwritten or replaced by a malicious third party.
This signature is actually a developer's identity. When something happens in a transaction, a signature can prevent it from happening.
Signature Considerations
- All Android apps must have digital signatures, no applications that do not have digital signatures, including those running on the emulator. Android does not install apps without a digital certificate.
- Signed digital certificates do not require authority to authenticate, is the developer's own production of digital certificates, known as self-signed.
- When you publish an Android app, you must use a digital certificate generated by a suitable private key to sign the program and not be published using the ADT plugin or the debug certificate generated by the Ant tool.
- Digital certificates are valid, and Android only checks the validity of the certificate when the application is installed. If the program is already installed on the system, it does not affect the normal functionality of the program, even if the certificate expires.
Introduction to packaging and signing Android programs