Android: hand keystore over to different developer

I developed an android project for a customer which I signed with my own gener开发者_StackOverflowated keystore.

Now I'd like to hand over the project to a different developer; (how) is it possible for him to sign the app and submit it to the market - without my keystore? Can I generate a file for him or how does that work?

Thanks a lot!

Signing Your Applications is detailed in the Android documentation:

Application upgrade – As you release updates to your application, you will want to continue to sign the updates with the same certificate or set of certificates, if you want users to upgrade seamlessly to the new version. When the system is installing an update to an application, it compares the certificate(s) in the new version with those in the existing version. If the certificates match exactly, including both the certificate data and order, then the system allows the update. If you sign the new version without using matching certificates, you will also need to assign a different package name to the application — in this case, the user installs the new version as a completely new application.

This basically means that any developer will need to sign updates with your keystore, or users won't be able to install the new version.

You can modify the passwords for your keystore but you generating a new keystore will cause problems for your users. If you generate a new keystore, you'll have to remove the app from the Market and submit a new version. Existing users will not be able to upgrade - they'll need to uninstall and install the new version.

1. if you can want to give your keystore it's possible for that you need to give their details like alias name, password etc.

2. Another developer can create there own keystore on his way

Application signing gives you the possibility to make updates to the application. If the application v1.0 is signed with one certificate and application v1.1 is signed with different certificate - your users won't see the update notification, it will appear like a new application. Who should own the keystore is not as important, as fact that every update must be signed with the same certificate. In fact, the owner of the certificate must be the publisher: if you're the publisher - sign it with your certificate, if the customer publishes the application - sign it with his certificate. Hope this helps.