DEV Community

HarmonyOS
HarmonyOS

Posted on

Releasing a HarmonyOS App Quick App to AppGallery Connect

#harmonyos #appsigning #appgalleryconnect #releasecertificate

Read the original article:Releasing a HarmonyOS App Quick App to AppGallery Connect

Context

HarmonyOS enforces a strict signature verification process to ensure app integrity and security. Before any HarmonyOS app or Quick App can be released on AppGallery Connect, it must be signed using a release certificate and release profile. These files validate the authenticity and trustworthiness of the app package (.app).

Description

The release process for a HarmonyOS app or Quick App involves several critical stages:

  1. Preparing signature files – creating a keystore (.p12) and CSR (.csr) to request certificates.
  2. Applying for a release certificate and profile – obtaining the digital certificate (.cer) and profile (.p7b) from AppGallery Connect.
  3. Configuring signature information – integrating these files into the project’s signing configuration within DevEco Studio.
  4. Building the release package – compiling the project as a signed release App Pack (.app).
  5. Releasing to AppGallery Connect – uploading the signed .app file for release to users.

Solution / Approach

  1. Generate Key Store and CSR
    • In DevEco Studio, navigate to: Build > Generate Key and CSR
    • Create a new keystore (.p12) or use an existing one.
    • Generate the CSR file containing your public key and organization details.
  2. Request Release Certificate and Profile
    • Use the CSR file in AppGallery Connect to request:
      • Release Certificate (.cer)
      • Release Profile (.p7b)
    • Download these files once approved.
  3. Configure Signature in DevEco Studio
    • Go to: File > Project Structure > Project > Signing Configs > default
    • Deselect “Automatically generate signature.”
    • Provide the following details:
      • Store File: keystore (.p12)
      • Store Password, Alias, Key Password
      • Profile File: release profile (.p7b)
      • Certpath File: release certificate (.cer)
    • Set the signing algorithm to SHA256withECDSA.
  4. Build the App for Release
    • Select: Build > Build Hap(s)/APP(s) > Build APP(s)
    • The release App Pack (.app) will be generated in: build > outputs > app > release
  5. Release to AppGallery Connect
    • Upload the signed .app file to AppGallery Connect for publication.
    • Ensure any required public key fingerprints are updated if the app uses kits such as Account Kit, Map Kit, or Payment Kit.

Key Takeaways

  • HarmonyOS requires all release apps to be digitally signed for authenticity.
  • The signing process involves three main files:
    • .p12 (keystore)
    • .cer (certificate)
    • .p7b (profile)
  • Debug certificates cannot be used for app releases.
  • The signing algorithm is SHA256withECDSA.
  • The final deliverable for release is a digitally signed .app file.

Additional Resources

https://developer.huawei.com/consumer/en/doc/harmonyos-guides/ide-publish-app

Written by Emine Inan

Top comments (0)