Android: hand keystore over to different developer

Question

I developed an android project for a customer which I signed with my own generated keystore.

Now I'd like to hand over the project to a different developer; (how) is it possible for him to sign the app and submit it to the market - without my keystore? Can I generate a file for him or how does that work?

Thanks a lot!

Answer 1

Signing Your Applications is detailed in the Android documentation:

Application upgrade – As you release updates to your application, you will want to continue to sign the updates with the same certificate or set of certificates, if you want users to upgrade seamlessly to the new version. When the system is installing an update to an application, it compares the certificate(s) in the new version with those in the existing version. If the certificates match exactly, including both the certificate data and order, then the system allows the update. If you sign the new version without using matching certificates, you will also need to assign a different package name to the application — in this case, the user installs the new version as a completely new application.

This basically means that any developer will need to sign updates with your keystore, or users won't be able to install the new version.

You can modify the passwords for your keystore but you generating a new keystore will cause problems for your users. If you generate a new keystore, you'll have to remove the app from the Market and submit a new version. Existing users will not be able to upgrade - they'll need to uninstall and install the new version.