I generated a signed apk with a target sdk version of 30. (Android 11). I know it wasn't officially released but my application is ready for the new changes. I am trying to upload it to the google play console but facing the error:
You uploaded an APK with an invalid signature (learn more about
signing). Error from apksigner: ERROR:
MIN_SIG_SCHEME_FOR_TARGET_SDK_NOT_MET: Target SDK version 30 requires
a minimum of signature scheme v2; the APK is not signed with this or a
later signature scheme.
What I tried to do:
I double checked that I selected v2 (Full APK Singature) when I generated the apk.
I tried to manually sign the apk using apksigner.
Nothing worked. I'm wondering if it's not working since the version wasn't released yet. However, I understand that it suppose to work from the documents.
Short answer for those building Cordova projects on the command line: You'll need to switch from jarsigner to apksigner and set up the command accordingly. NOTE: You'll need to run zipalign before apksigner, which is different from how we used to use it with jarsigner. Here's an example:
cordova build android --release
zipalign -f 4 platforms/android/app/build/outputs/apk/release/myapp-release-unsigned.apk myapp.apk
apksigner sign --ks my-ks.keystore --ks-pass file:my-passfile.txt --v1-signing-enabled true --v2-signing-enabled true myapp.apk
... upload apk to store or whatever ...
Select both V1 and V2(Full Apk Signature) while generating the apk. This solved my issue which was similar to yours.
Generate an App Bundle instead of an APK.
In my app I targeted api 30 and published the bundle without problems.
I had a tough time solving that issue. The following helped me resolve it completely.
Add the following 2 lines in config.xml (root directory of the Cordova project)
<preference name="android-minSdkVersion" value="30"/>
<preference name="android-targetSdkVersion" value="30"/>
Import your project in AndroidStudio
Under Build Click on Generate Signed Bundle / APK
Select Android App Bundle
Update Keystore file/password and all requested details (Please select the option of the export encrypted key, as you will require to upload this on the playstore)
Select Release
Before uploading the app bundle you need to upload the certificate (the one you download in step 4)
(optional step) You will also see an auto-generated App signing key certificate you can download that if you want
Upload the App Bundle & you can now release the App to PlayStore.
Environment: Windows 10 64 bit, Android Studio 3.2 Canary 15.
I have added free and paid flavours to a test project and than built signed APK's.
When Running the release APK's I get the following error -
Installation failed with message Failed to finalize session :
INSTALL_PARSE_FAILED_NO_CERTIFICATES: Package
/data/app/vmdl2005941423.tmp/0_base-master has no certificates at entry
AndroidManifest.xml.
It is possible that this issue is resolved by uninstalling an existing
version of the apk if it is present, and then re-installing.
I tried to re sign my APK with both V1 and V2 signature versions and still I get the same error when running release versions.
After analyzing the release APK's it turns out that AndroidManifest.xml shows the xmlns:android of the Manifest tag in red :
<manifest
xmlns:android="http://schemas.android.com/apk/res/android"
When I hover the red text it says "URI is not registered..."
I have no idea what it means...
What is the cause for this error ?
According here,
When building the APK Set, set the --ks and --ks-key-alias flags to ensure that the APKs are signed. Only signed APKs can be installed on a device.
The Android SDK should come with a debug keystore. Try looking under ~/.android/debug.keystore (alias: AndroidDebugKey, pwd: android).
In other words, only signed apk could be install to devices. This makes sense since App Bundle is really use for distribution.
I have published an app in 2010. Back then, I had created a local keystore and one key, which I have never changed and used for all my (about 30) versions of this app which I have published since then.
I never had any issues with this, it always worked fine, back in the days when I developed with Eclipse, neither the last few years when I switched to Android Studio.
The last version I published 2016-12-23. Now I wanted to publish a new one, generated a signed APK with Android Studio, uploaded it to Developer Console... and got the following error message:
Upload failed - You uploaded an APK with an invalid signature (learn more about signing). Error from apksigner: ERROR (Jar signer CERT.DSA): JAR signature META-INF/CERT.DSA uses digest algorithm SHA-1 and signature algorithm SHA-1 with DSA which is not supported on API Level(s) 8 for which this APK is being verified
I tried these combinations of the (newly available) signature version options (always with the same result):
only "V1 (Jar Signature)"
both "V1 (Jar Signature)" and "V2 (Full APK Signature)"
I am using Android Studio 2.3.3 with buildToolsVersion 25.0.0 and Gradle version 3.3.
The error message you're seeing is that this APK won't install on Android Froyo (API Level 8). The APK's JAR signature (META-INF/CERT.DSA) uses OID 1.2.840.10040.4.3 (SHA-1 with DSA) to specify the signature algorithm. This OID is supported on Android in JAR signatures only from API Level 9 but your APK's AndroidManifest.xml specifies -- via android:minSdkVersion attribute -- that the APK supports API Level 8. For DSA, the best signature algorithm OID to use in JAR signature is 1.2.840.10040.4.1 (DSA, not SHA-1 with DSA). The resulting cryptographic signature is exactly the same, it's just that this OID is supported in JAR signatures by all Android versions. Signing tools normally don't provide this level of control though, but they are supposed to pick a working OID.
Android Studio, Android Plugin for Gradle, and apksigner are all supposed to produce correctly signed APKs unless you specify custom parameters. For example, does your build.gradle file specify minSdkVersion 9 or higher by any chance? Or, perhaps, you're release-signing the APK using jarsigner which doesn't know about Android rules...
Ideas:
If you're release-signing using jarsigner, switch to apksigner or use Android Studio / Android Plugin for Gradle for release signing. For example, to re-sign an APK using apksigner:
apksigner sign --ks my.keystore app.apk
If you're release-signing using Android Studio / Android Plugin for Gradle, in your build.gradle file, specify the same minSdkVersion as in the AndroidManifest.xml. Alternatively, perhaps, dropping minSdkVersion from build.gradle file will make Android Studio / Android Plugin for Android use the minSdkVersion from AndroidManifest.xml? I'm somewhat dubious about this because Android Studio 2.3.3 is supposed to use the correct/safe OID 1.2.840.10040.4.1 when signing such APKs...
Adjust minSdkVersion in AndroidManifest.xml to 9 or higher if you're fine with dropping support for Froyo.
P. S. To check whether your APK is properly signed and to see the errors that will likely be reported by Google Play at upload time:
apksigner verify my.apk
So im trying to publish my new android app to the Google PlayStore. From reading this tutorial I understand that I have to sign my app before releasing it to the PlayStore. I did exactly the same as in the tutorial. After uploading it to the PlayStore I tried to install the App on my device. I got the message "Package file was not signed correctly". This is strage.. In xamaran studio I get the message "Package succesfully signed".
If I try to install the App from the apk on the device I get the message "Unable to install"
What could be wrong here?
Im using Xamarin Studion on a Mac.
Found the problem..This is a JAVA tooling problem. This occurs frequently with mixing JDK and JRE tools on the system.
DO NOT USE THE TOOLS FROM Java 7!
Only use the tools from JDK 6.
You can check what version you have by typing:
java -version
If you are still unsure whether the signing was succesfull you can type:
which jarsigner
jarsigner -verify -verbose -certs myapp.apk
When publishing on a Mac, I automate the process using rake. This gist is a sample rake file showing how to do so. This rake file will version the assembly, compile the application, and then sign/zipalign the APK.
Note that the Albacore gem must also be installed.
this seems to be caused by switching from JDK 1.6 to JDK 1.7. Instead of sticking to JDK 1.6 (which is not an option in some cases), I recommend to create a small script for creating the signed&aligned apk based on http://developer.xamarin.com/guides/android/deployment,_testing,_and_metrics/publishing_an_application/part_1_-_preparing_an_application_for_release/
# First clean the Release target.
msbuild.exe HelloWorld.csproj /p:Configuration=Release /t:Clean
# Now build the project, using the Release target.
msbuild.exe HelloWorld.csproj /p:Configuration=Release /t:PackageForAndroid
# At this point there is only the unsigned APK - sign it.
# The script will pause here as jarsigner prompts for the password.
# It is possible to provide they keystore password for jarsigner.exe by adding an extra command line parameter -storepass, for example
# -storepass <MY_SECRET_PASSWORD>
# If this script is to be checked in to source code control then it is not recommended to include the password as part of this script.
& 'C:\Program Files\Java\jdk1.6.0_24\bin\jarsigner.exe' -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore ./xample.keystore -signedjar ./bin/Release/mono.samples.helloworld-signed.apk ./bin/Release/mono.samples.helloworld.apk publishingdoc
# Now zipalign it. The -v parameter tells zipalign to verify the APK afterwards.
& 'C:\Program Files\Android\android-sdk\tools\zipalign.exe' -f -v 4 ./bin/Release/mono.samples.helloworld-signed.apk ./helloworld.apk
The important part is to use the parameters -sigalg SHA1withRSA -digestalg SHA1 which force JDK 1.7 to use the expected digest algorithm (instead of SHA-256 which seems to be the default in JDK 1.7 and is not accepted by all Android versions).
Note that you can find the msbuild location with
$dotNetVersion = "4.0"
$regKey = "HKLM:\software\Microsoft\MSBuild\ToolsVersions\$dotNetVersion"
$regProperty = "MSBuildToolsPath"
$msbuildExe = join-path -path (Get-ItemProperty $regKey).$regProperty -childpath "msbuild.exe"
I found the solution here https://forums.xamarin.com/discussion/comment/72399/#Comment_72399.
The answer from Felix Alcala works perfect. No more "App not installed" messages on device.
Open the SDK Locations in Xamarin Studio
Preferences/Projects/SDK Locations/Android
and set Java SDK(JDK) to
/System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home
When using the Google Play service component ICS from Xamarin the following error appears if you are using JDK 6.
2>JAVAC : warning : com\google\ads\mediation\MediationBannerListener.class(com\google\ads\mediation:MediationBannerListener.class): major version 51 is newer than 50, the highest major version supported by this compiler.
2>JAVAC : warning : com\google\ads\mediation\MediationBannerAdapter.class(com\google\ads\mediation:MediationBannerAdapter.class): major version 51 is newer than 50, the highest major version supported by this compiler.
Error building Xamarin.Android project with Google Play Services
This error is solved by changing from JDK 6 to JDK 7. Because of that now my app that is already deployed to the Google Play Store is throwing "Package file was not signed correctly" in some smartphones.
Is there a way to sign app correctly using JDK 7 and Xamarin?
I was trying to change my default/main/startup (whatever you call it) activity by editing the androidmanifest.xml file. All i did was change the android:name property. however, this completely broke the entire app. when I try to install it fails and reads.
Installation error: INSTALL_PARSE_FAILED_NO_CERTIFICATES
When I tried to change it back to its previous state, it was still giving me the same error... What have I done?
I found that this error can now also occur when using the wrong signing config. As described here, Android 7.0 introduces a new signature scheme, V2. The V2 scheme signs the entire APK rather than just the JAR, as is done in the V1 scheme. If you sign with only V2, and attempt to install on a pre-7.0 target, you'll get this error since the JARs themselves are not signed and the pre-7.0 PackageManager cannot detect the presence of the V2 APK signature.
To be compatible with all target systems, make sure the APK is signed with both schemes by checking both signature version boxes in Android Studio's Generate Signed APK dialog as shown here:
If only 7.0 targets are anticipated, then there is no need to include the V1 signature.
Did you edit the AndroidManifest.xml directly in the .apk file? If so, that won't work.
Every Android .apk needs to be signed if it is going to be installed on a phone, even if you're not installing through the Market. The development tools work round this by signing with a development certificate but the .apk is still signed.
One use of this is so a device can tell if an .apk is a valid upgrade for an installed application, since if it is the Certificates will be the same.
So if you make any changes to your app at all you'll need to rebuild the .apk so it gets signed properly.
I found this was caused by my JDK version.
I was having this problem with 'ant' and it was due to this CAUTION mentioned in the documentation:
http://developer.android.com/guide/publishing/app-signing.html#signapp
Caution: As of JDK 7, the default signing algorithim has changed, requiring you to specify the signature and digest algorithims (-sigalg and -digestalg) when you sign an APK.
I have JDK 7. In my Ant log, I used -v for verbose and it showed
$ ant -Dadb.device.arg=-d -v release install
[signjar] Executing 'C:\Program Files\Java\jdk1.7.0_03\bin\jarsigner.exe' with arguments:
[signjar] '-keystore'
[signjar] 'C:\cygwin\home\Chloe\pairfinder\release.keystore'
[signjar] '-signedjar'
[signjar] 'C:\cygwin\home\Chloe\pairfinder\bin\PairFinder-release-unaligned.apk'
[signjar] 'C:\cygwin\home\Chloe\pairfinder\bin\PairFinder-release-unsigned.apk'
[signjar] 'mykey'
[exec] pkg: /data/local/tmp/PairFinder-release.apk
[exec] Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES]
I signed the JAR manually and zipaligned it, but it gave a slightly different error:
$ "$JAVA_HOME"/bin/jarsigner -sigalg MD5withRSA -digestalg SHA1 -keystore release.keystore -signedjar bin/PairFinder-release-unaligned.apk bin/PairFinder-release-unsigned.apk mykey
$ zipalign -v -f 4 bin/PairFinder-release-unaligned.apk bin/PairFinder-release.apk
$ adb -d install -r bin/PairFinder-release.apk
pkg: /data/local/tmp/PairFinder-release.apk
Failure [INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES]
641 KB/s (52620 bytes in 0.080s)
I found that answered here.
How to deal with INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES without uninstallation
I only needed to uninstall it and then it worked!
$ adb -d uninstall com.kizbit.pairfinder
Success
$ adb -d install -r bin/PairFinder-release.apk
pkg: /data/local/tmp/PairFinder-release.apk
Success
641 KB/s (52620 bytes in 0.080s)
Now I only need modify the build.xml to use those options when signing!
Ok here it is: C:\Program Files\Java\android-sdk\tools\ant\build.xml
<signjar
sigalg="MD5withRSA"
digestalg="SHA1"
jar="${out.packaged.file}"
signedjar="${out.unaligned.file}"
keystore="${key.store}"
storepass="${key.store.password}"
alias="${key.alias}"
keypass="${key.alias.password}"
verbose="${verbose}" />
Most of the time the solution for this error is really simple:
Uninstall your apk
Clean your Android project
Build your Android project
Install / run your apk
solved (for me) using in keytool the args
-sigalg MD5withRSA -keyalg RSA -keysize 1024
and using in jarsigner
-sigalg MD5withRSA -digestalg SHA1
solution found in
What kind of pitfals exist for the Android APK signing?
This error could be thrown if you add your signing config(create signing key and add to the "Project Structure" > "Modules" > "Signing Configs") but forget to point out in "Project Structure" > "Build Variants" > "Build Types" > "Signing Config".
The signing config field shouldn't be empty! (See the picture below) Otherwise, you will see
"INSTALL_PARSE_FAILED_NO_CERTIFICATES...APK signature verification failed."
error if you try to install a release variant. (or another variant with the same misconfiguration)
Recently I had this error while upgrading to Android Studio 4.0. The cause was that the project had V2 Signing Disabled in the signing configuration in build.gradle.
The solution was to remove v2SigningEnabled false or explicitly set it to true, which is the default value.
android {
signingConfigs {
dev {
v2SigningEnabled true
}
}
}
I was also facing the same issue. First I generated build using V2 and installed that in mobile devices running on OS 5.1 and I got the same issue. But build was working fine on Tablet running on OS 7.0. So I generated build with V1 Jar signature and it was working fine on both the devices.
Conclusion: If you are supporting the device below android OS 7.0. Use V1 jar signature to generate the build.
In my case, I could build and run release builds, but got the INSTALL_PARSE_FAILED_NO_CERTIFICATES error when trying to do a debug build.
The solution was to delete my debug.keystore file and let ADT recreate it. It had apparently expired.
A better long-term solution is to explicitly create a debug.keystore that does not expire after only a year, instead of letting ADT create it. Here is the command to do that:
keytool -genkey -v -keystore debug.keystore -alias androiddebugkey -storepass android -keypass android -keyalg RSA -validity 14000
When prompted, enter these values:
First and last name: Android Debug
Organizational unit: Android
Name of organization: Unknown
City or Locality: Unknown
State or Province: Unknown
Country code: US
In my case, I was installing a project with MinimumSDK bigger than the Android version of my real device. I used another device and it solved.
My project MinSDK -> 24
My Phone Android version -> 21
In newer Android Studio versions 3.2+, if you are trying to run release install, and you have not defined any signing configurations, it will show the error prompt and install will fail. What you need to do is either run the debug build or set up the signing configuration (V1 or V2) correctly.
most answers are true . and some another reasons that happens are
► your min sdk smaller than device sdk.
► you have the older application in your device with the same package name
This is an ugly but fast solution: use JDK 6 instead of 7.
After read Chloe's answer, I uninstalled my JDK 7 (don't need it currently anyways) and installed JDK 6. That fixed it. A better solution would make ant uses JDK 6 (without uninstalling 7). Maybe possible changing / setting this property:
java.library.path
in local.properties file. It's in the project directory (root).
Android doesn't work with JDK 7 anyways (only 6 or 5), so make that the ant script also uses JDK 6 or 5 is probably a good solution.
Its because previously generated build and current is having conflict in signature version between v1(jar signature) and v2(full APK Signature),
To fix tick proper signature version under Generate Signed APK dialog
Also u can check
Project Structure -> Default Config -> Signing Config
after u add all that u need
Navigate to Run -> Edit Configurations... -> Android App -> app -> Installation Options
Then change to APK from app bundle instead of Default APK
This could happen if you try to include a .jar library that contains an AndroidManifest.xml file.
If it's pure Java make sure you don't include it in the .jar export
If it's not pure Java (meaning it's an Android project) then you have to include it as a Library Project
Maybe, you have changed the build variant from debug to release. Release variant requires a special certificate.
You can change build variant under menu build->select build variant... .
Setting environment variable JAVA_HOME to JDK 5 or 6 (instead of JDK 7) fixed the error.
I was getting this error because I did release that my ant release was failing because I ran out of disk space.
It's throwing this error for me today because I have an app with a min sdk of 28 and am hitting play on an emulator with an SDK version of 23. Usually this is not possible (AS gray's out the play button), but today not so much.
Make sure the build variant is set to debug (and not release) in Android Studio (check the build variants panel).
For me, I forget to add the new Signing Config into
Project Structure -> Default Config -> Signing Config
After some time and multiple online threads on the subject I managed to fix my project.
It's mainly taking into consideration the last files (could be images or layouts) that you put in. If you delete them, it will work out, and you can build your project again.
I was having this error in my Eclipse Console. It turns out that I had two jars with the same content but different names and they were conflicting with each other. I just deleted one of them and managed to install the app on the device.
I got this error when I tried to install a Xamarin project built against Android N preview on a phone running api v23. Solution is to not do that.
Another way to get this error is to build using ant on macOS and have a Finder icon file (Icon\r) in the source tree of the app. It appears jarsigner can't cope with the carriage return in the filename and, although it will claim the signing is valid if you -verify the APK, it always results in an APK that wont install on a device. Ironically, the Google Drive Finder plugin is a great source of Finder icon files.
The solution is to exclude the offending files (which are useless in the APK anyway) with a specifier like this in the fileset:
<exclude name="**/Icon
" />
This problem will happen if you are installing un-signed version of APK. Check if you are install correct APK.
I had that problem with ionic / Visual Studio Code (Run Android on device):
I uninstalled the App on the mobile device (Settings / Apps), the error is gone and the app is starting.
Firstly just try to do that:
go to Gradle script → bulid.gradle(module:app) → then you have to change (minSdkVersion) value. As an example, if you used 26 you can try to decrease the value, like (minSdkVersion 20 )
then try (sync now ).