How to Sign Android APK and Android Flashable ZIP file

If you are building your Custom Android ROM and creating a Update.zip package you need to Sign your package with a valid certificate inorder to flash in your Android Device. This tutorial shows you how to Repack the zip file using Command line and sign your zip file. If you are repacking a APK file you need to sign it again with a certificate. Just follow the simple tutorial to implement this.

  Requirements

SignApk

Download SignApk and extract it.
The SignApk package you downloaded has prebuilt private key.

Instructions to Repack and Sign

1. Move to folder which is to be zipped using Terminal. Example cd [Folder Name].
2. Enter the command

zip -r9 [Filename.zip] *

Here Filename.zip is your prefered name of the zipped file. Here I used the name as gapps.zip.


3. Now copy the zip file which is to be signed to the extracted SignApk folder. You will find testkey.pk8 and testkey.x509.pem file. These two files are the certificate and private key provided by android. If you want to use your own certificate and key replace it.
4. Now use the command, replace the name with  your zip name.

 java -jar signapk.jar testkey.x509.pem testkey.pk8 [unsigned.zip] [signed.zip]


5. Now you will obtain Signed zip file. You can flash it directly.

Instructions to Sign ZIP file

1. Place the APK which is to be signed in the SignApk folder.
2. Then use the following command, replace your APK name.

java -jar signapk.jar testkey.x509.pem testkey.pk8 [unsigned.apk] [signed.apk]

 Now your APK is signed.

Source:Learn2crack