Test your App

This article applies only to Custom Protected apps published as Google Play signed AABs. If you protected your app with Quick Protection, your app is already signed for testing only.

Before you can test your protected app, you must upload the protected app to Google Play for signing and then download the signed protected app.

Your app is locked to the Google Play signing certificate. That means you cannot sign the app locally. Doing so will trigger a security violation when the app runs. To test the app, it needs to be signed by the private key associated with the “App signing key certificate” that was downloaded from Google Play.

1. From the Verimatrix platform, download your newly protected AAB. Sign it with your Upload private key using the CLI command:
   jarsigner -keystore \<path_to_keystore> -keypass \<key_entry_password> -storepass \<keystore_password> <app-release-protected>.aab \<key_entry> <alias>

The upload key will probably be the key used to sign your first AAB uploaded to Google Play Console.

2. On the Google Play Console, upload the protected and signed AAB as an Internal Testing release.

   

3. In the App Bundle Explorer, download the “Signed, universal APK”. This APK will match the behavior your end users see. For testing, this APK can be installed and run on real devices using ADB.