i have published the apk in google play console,
but now i want to delete it and use the exact same code to publish it under the different name,
is it possible to do it? is the code will be lock under google code signing mechanism ?
If you want to keep the same app package and juste change the name of the app, update it in your code AND in your Google Play console, it should do the trick.
If you want to release the app using a different package name, you will need to sign your app with a new certificate, then upload it to Play Console but make sure you removed the first APK (it should appear as a artefact).
You can upload the same code twice, there is no blocking mechanism at the moment.
Related
The following is the situation:
I have an app, that I have published to the Google Play store (version code: 100, version name 1.100).
I want to add feature allow people to update the app using an apk(release) from a website instead of from the Play Store.
BUT during testing I found the following problem:
Download current app from store(v - 100)
after that try to install(update) using the APK I compile
result - "App not installed."
But if I
install a hand created old APK (exactly the same as was uploaded to the Store)
try to install a handcreated APK update that was uploaded to the store
everything works fine
CAN you please describe there're some limits additional checkers for security or something wrong on my side ?
You are probably signed into Google Play App Signing.
Every Android app is signed with a key. When the phone tries to install an update, the update must be signed with the same key as the original app. This is for the security of the user. This stops a fake version of WhatsApp or Facebook (or your app) being created and users tricked into installing it. A bad developer can create an app with the same package name, but doesn't have access to the key, so this protects the users.
When you deliver through Google Play App Signing, Google removes the signature with your key (the "upload key") and signs it with a new Google Play key. This is a good thing. It protects you if you lose your upload key, without this there would be nothing Google could do to help you.
But this is why the upgrade doesn't happen. The app you hand create is signed with your upload key, so it won't update the app installed from Google Play.
This is a good thing. You don't want users who installed from one source (eg Google Play) to update from another source, like a download from a website. It would put them at serious risk of harmful fake apps.
However, if you really want to do this, you need to not use Google Play App Signing.
An alternative solution:
You can upload your signed apk on google play console then download the new signed apk and put it on your website or anywhere else.
I have this application which was made in 2015. I have updated that application and now I want to upload the updated version to play store. But unfortunately, it is giving me an error that the SHA1 key is different. I am attaching the image below. Play store console SS
Furthermore, the organization that I am working for, does not have any information about the key store password or Alias. There is literally no information about the previous version. Therefore, I am totally clueless how to update this application in google play store
Without SHA1 Key you can not generate another Signed APK to upload . You must need that key in order to generate new signed APK to Upload .
Google will not re-sign any of your existing or new APKs that are signed with the app signing key. This enables you to start testing your app bundle in the open, closed, or internal test tracks while you release your existing APK in production without Google Play making any changes to it.
This basically means that the you are trying to generate a signed apk using a different certificate than the one that was used to sign the original apk. If you cant get a hold of the hold certificate you will have to create a new one (what I think you have already done), generate a signed apk then publish it as a new app on the play store. You will have to un publish the old application though. Try using a slight change in the package name like a change from small letter to capital letter eg from "com.example.company" to "Com.example.company"
It is precisely this problem that caused Google Play to introduce Google Play App signing. If your app is opted in, then Google looks after your signing keys, and if you lose the information, then Google Play support can help you change the upload key.
However, if you are not opted in to Google Play app signing there is nothing you can do.
The best option is, as other people have said, unpublish the old app, create a new one, and this time opt in to Google Play App Signing so it doesn't happen again.
I have a little issue where I created an Android release build from my Ionic project. I've signed the app in the platform/android/build/outputs/apk folder, so my keystore file also was there. Then I noticed a bug, rebuild the app but I figured the folder gets cleared at each build. As a result I don't have my keystore file anymore and I'm unable to add an update to the Play Store. I've unpublished the previous version but now I'm unable to use my app id as it is used by the unpublished version.
So right now I see three options:
Is there a way to change the app id from the unpublished app? (all related info I've read says no)
Is there an alternative way to use the same app id? (I would not like to have differente app ids for iOS and Android)
As a final option I could use com.mydomain.app as the iOS id and use e.g. com.mydomain.android (and I've moved my signing process to a different folder outside the Ionic project) but is there a way to keep this release-friendly (meaning, is there a way to specify platform specific app ids in Ionic config.xml or other file)
How do you guys handle stuff like this? I suppose I'm not the first random guy this has happened to.
Edit: I found that I'm not the first random guy this has happened to. Which makes option 3 easier to accept if option 1 will never work.
No this is not possible, mentioned clearly in the google doc.
If you lose your keystore, you'll need to publish a new app with a new package name.
If you have lost you app signing key, you can not upgrade your app, that is the reason google came up with a new feature "app signing by Google Play", where Google keeps your signing key, but when you upload your app you need to sign your app with a key(Upload Key), then Google verifies your signature, removes the signature, and then Google re-signs the APKs with the original app signing key you provided and delivers your app to the user. Benefit of this feature is that If you lose your "Upload Key", you can request for reset it from google, and you will be provided with a new "upload key", which you will use for signing app, and Google will re-sign you app using the main key It is keeping since starting.
So I will suggest you to enrol for this feature this time, to avoid an issue in future in case you lose your singing key again.
As others have mentioned, this is not possible outside the scope of App Signing by Play.
However, if your app has not been installed by anyone from the Play Store (except yourself), you can request your app to be deleted, which would allow you to recreate a new app with the same package name.
App Id in a sense is just like a domain name, you can not have more than one as long as you are to upload the application on Google Play.
The only option for you is to create a new build with a different App id.
I have two different apps, and I want them to be able to communicate together.
For security reasons, I would like to restrict the communication with protectionLevel:signature, so I don't have to worry about other apps possibly messing with my apps.
The problem is, I use Google Play Signing for the first app. I noticed, that when I want to create a new App in the play console, and opt-in for Google Play App Signing, that another certificate is generated. So, I suspect that the permission system is not working, as the release-apk that users download will not be signed by the same certificate, and that the "protectionLevel=signature" check will fail.
Is this true, or will it still work somehow when the Upload-Certificate matches?
Is there any way to use the same certifiacte for different apps using Google Play App Signing?
I solved it;
There is a button for reusing the Signing Key from an old app in the "App Signature" Tab in the play console.
Note that after you generated a distribution key once, it cannot be changed, even if you never uploaded an APK yet, so you have to press the button to reuse the key immediately before generating another distribution key.
I had to delete my (unpublished) app and created a new one. If you already published you app (even if just for a closed beta test), your only chance to get the same distribution key is to create a new app with a different app id.
I'm currently developing an Android application using InApp Billing functionality. In order to perform testing with real end-to-end payment scenarios I need to upload the application draft to Google Play - as described here.
However, my customer wants to publish the application later using its own Google Play account.
Is it possible, that I upload the draft first, remove it after testing, and then my customer releases the application (with the same package name) with a totally different Google Play account? Would Google Play allow for that?
I don't want to mess with package ID, it is annoying (but perhaps safest?).
Answering (sort of) my own question:
it seems perfectly fine to remove the application draft from one profile and re-upload to another one
for the time being I only checked re-uploading APK signed with the same private key
funny enough, all configured in-app items that I configured for this application on my own profile reappeared after uploading to the second profile!
Nopes, when the applications are export, the are exported and signed with certain certificates and private key, so that if anyone have that private key, the will be able to upload the app with the same identifier,
i.e.
com.yourcompanyname.appname
This is unique identifier, identifies your app to update it further.