I got 'App not installed as package appears to be invalid' message when trying to install my signed release app manually on Android 12. However, it can be installed in my other phones which are Android 9 and Android 6.
I use jarsigner to sign my apk :
$ jarsigner -verbose -sigalg SHA256withRSA -digestalg SHA-256 -keystore my-release-key.keystore <app-release-unsigned.apk's path> alias_name
And use zipalign to optimize :
$ zipalign -v 4 <path-to-same-apk-file> HelloWorld.apk
I've change my phone setting so that able to install unknown apk and tested with app-debug.apk and it works just fine. For more information, my app is written by using quasar framework and built by using cordova.
On Android 12, you have to use V2 signing scheme to sign your APK. Unfortunately, jarsigner is only v1 signing scheme.
In short, use apksigner to sign your APK in place or jarsigner, or if you use Android Studio, don't forget to check the "V2 signing" check box or define the signingConfig enabling v2 signing.
Related
I have an apk using eclipse ADT and old keystore.
now app update on google play store requires using App Signature Scheme v2 and target API 30.
is there a way I can do to create a keystore signature scheme v2 file, without having to migrate my app from Eclipse ADT to Android Studio.
Thanks.
I am using this as a quick fix hack
after the zipalign step is done :
zipalign -v 4 HelloWorld-release-unsigned.apk HelloWorld.apk
I have followed this extra step:
apksigner sign --ks app.keystore --v1-signing-enabled true --v2-signing-enabled true HelloWorld.apk
Please note : use the same password you used for the keystore file.
So now you can upload your .apk file or .aab file to play store
With the help of this answer I managed to sign my Eclipse Android project with signature scheme v2. I am running Eclipse under Ubuntu.
Right click on the project and select Android Tools -> Export Unsigned Application Package...
Specify the destination of the unsigned apk file.
In the console execute this: zipalign -f 4 unsigned.apk signed.apk
and this: apksigner sign -ks path_to_keystore_file --v1-signing-enabled true --v2-signing-enabled true signed.apk
Enter the password for the keystore.
Enter the password for the signer.
zipalign and apksigner I installed before with sudo apt install zipalign apksigner.
I am using Eclipse for Android Developers with version "Oxygen Release Milestone 2 (4.7.0 M2) Build id: 20160922-0846".
After build for release -> jarsigner -> zipalign,
I just need these scripts. To sign the apk with APK Signature Scheme v2:
apksigner sign --ks yourkeystore.keystore yourapk.apk
To verify the signing
apksigner verify -v yourapk.apk
I'm trying to test google in app purchase system.
If I download from the app from google play, in app purchase works.
However if I run the app directly from android studio, I can't because of error code 5 or 0.
I think its because when running through android studio on test device its not signed. how do i do that ?
You need to sign it manually with your production keystore:
jarsigner -sigalg MD5withRSA -digestalg SHA1 -keystore "PATH" -storepass KEYSTORE_FILE app-unsigned.apk ALIAS_NAME
Then you maybe need to zipalign:
zipalign "-v" "4" "PATH TO SIGNED APK" out.apk
How to sign your APK or Android App Bundle in release mode in Visual Studio Native-Activity Application (Android) project?
When I rebuild solution and deploy solution in release ARM target, navigate to Release folder and drag and drop apk file to play.google.com (Play Store), there is following error message.
Upload failed
You uploaded a debuggable APK or Android App Bundle. For security reasons you need to disable debugging before it can be published in Google Play. Learn more about debuggable APKs or Android App Bundles.
You uploaded an APK or Android App Bundle that was signed in debug mode. You need to sign your APK or Android App Bundle in release mode. Learn more about signing.
I have manged to generate and download deployment_cert.der on play store, but not sure how it can be added to apk in Visual Studio Native-Activity Application (Android) project.
Figered it out now.
Built APK file can be signed by using command line (without need of installing Android Studio). This can be done as follows:
1.) Bellow will allow to build unsigned APK in release mode:
.packing project Properties --> Ant --> Ant Build Target --> Release (Release Mode)
2.) Add JDK and Android SDK to PATH. In my case (installed by VS installer) those paths are:
C:\Program Files\Java\jdk1.8.0_172\bin
C:\Program Files (x86)\Android\android-sdk\build-tools\25.0.3
3.) Create keystore with key:
keytool -genkey -v -keystore my_app.keystore -alias alias_name -keyalg PSA -keysize 2048 -validity 10000
4.) Sign APK:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my_app.keystore My.App.Packaging-release-unsigned.apk alias_name
5.) ZIP align:
zipalign -f -v 4 My.App.Packaging-release-unsigned.apk My.App.apk
6.) Drag and drop to Play Store
I'm trying to deploy an android apk created by Cordova but I'm wrong. Here is my process :
1)Build the release apk : cordova build android --release
2)Generate a keystore : keytool -genkey -v -keystore my-release-key.keystore -alias com.MyCompany.AppsName -keyalg RSA -keysize 2048 -validity 10000
I create password named MyPass, and write all information in the form (name, country,...)
3)Signed the Apps : jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore android-release-unsigned.apk com.MyCompany.AppsName
4)Checked for signing : jarsigner -verify -verbose -certs android-release-unsigned.apk
I get this output :
"jar verified.
Warning:
This jar contains entries whose certificate chain is not validated.
This jar contains signatures that does not include a timestamp. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2043-12-07) or after any future revocation date."
5)Zip the Apk : "c:\pathtosdk\zipalign.exe" -v 4 android-release-unsigned.apk com.MyCompany.AppsName.apk
6)And then i copy the Apk on a android device.
But when I try to install the Apps, the device ask me to allow unknown sources... like it's not signed.
Is anyone who know where i'm wrong ?
Thanks in advance
Your apk is probably signed and perfectly fine. the reason it asks to allow unknown sources because by default it does not allows to install .apk files from other sources than google play store. Security issues
https://support.google.com/nexus/answer/2812853?hl=en
That's the message you will receive if your not downloading the app from the play store which is true for you case. That doesn't have anything to do with the app being signed.
Try to install a derived a apk. First release your app in Alpha Release of play store. Then download the derived apk from alpha release. I think that will help.
I generated a apk file by running
meteor build ~/output-dir --server=myapp.meteor.com
,
then got release-unsigned.apk in the folder output-dir, it looks good.
I copy this apk file to my Android phone and tried to install it, after install guide, it shows message App not installed.
I have installed some apk files built by java on my phone before, it works, so is there something I need handle when I install apk file built by meteor?
As the documentation states, you can't install unsigned applications on your Android phone:
Android requires that all apps be digitally signed with a certificate
before they can be installed.
As far as I can tell, you have the following two options to run your app:
Use an emulator to run your unsigned app or
sign your app.
To sign your app, you can use the steps, described in the Meteor guide for submitting Android apps to the Play Store:
Generate a private key using the keytool (skip this step, in case you already have a private key generated):
keytool -genkey -alias your-app-name -keyalg RSA -keysize 2048 -validity 10000
Sign your app using the jarsigner tool:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 unaligned.apk your-app-name
After that, you should be able to install and run your application on your Android phone.