So I already built the release apk, and pasted 'release' SHA1 key in firebase. Shall I delete the one already exist there used during debug apk?
You cannot do that and the goal of SHA1
certain Google Play services (e.g. Google Sign-in) require providing the SHA1 fingerprint of the certificate used to sign the app.
Rep represent the SHA1 password hashing algorithm. Can be used as an instance of UserImportHash when importing users.
You can find more info in the following articles: this
SHA1 key is used to verify that the build is produced by a verified Developer of the Firebase Project.
If you delete it in firebase, features like Authentication may not work .
Even certain Google Play services require providing the SHA1 fingerprint of the certificate used to sign the app.
Related
I know that its a common question but was read many threads here I didn't find an answer that would help me.
By the way, it worked fine in debug mode. So, what I did:
Get release version SHA-1 certificate fingerprint by command
keytool -keystore path-to-debug-or-production-keystore -list -v
Changed SHA-1 in Credentials Google Cloud Platform to just received
Added this SHA-1 to project on Firebase
Downloaded new JSON file from Firebase to app
Checked that SHA-1 matching in JSON file in app, in Firebase, in Google Cloud Platform
Checked that OAuth client ID matching in JSON file in app, in code (where I call new GoogleSignInOptions), in Google Cloud Platform
Uploaded release version app to Play Console for internal testing.
Make sure that SHA-1 and OAuth client ID is matching in Play Console.
Google can sign all apps with new own fingerprint and I tried this SHA-1 too. But still isn't works.
What I do wrong?
I'm trying to configure firebase API to be used with my nativescript application.
In fact, i don't know how to configure it anymore.
I have my private keystore and another one (managed by google) in my Google Play Console.
Which one fingerprint should i use on Firebase Console?
Tried both separated and together too.
In app still receiving:
'Make sure you\'ve uploaded your SHA1 fingerprint(s) to the Firebase console. Status: Status{statusCode=DEVELOPER_ERROR, resolution=null}'
error message.
Any tips?
Edit:
Added two fingerprints, updated google-services.json and still not working.
Firebase Console Config
Done!
I was wrong.
There are three types of keystores.
Upload keystore - this one we are using for building production app.
Signing keystore - (might be) maintained by google for in-store application signing.
and...
...drums.vaw...
Debug keystore - created during the installation of Google SDK, used for... yes, you know for what purpose. It is located in ~/.android/debug.keystore, password is android.
Clue was to retrieve SHA-1 fingerprint from debug keystore.
I'm trying to get the fingerprint of app, but the value obtained with android key tool is not the same as the value of some ready-made exe.(ex : "HashMyFiles", "Hashtab")
android keytool : 9B:D8:DD:1.......
HashMyFiles , Hashtab : 52725F4.................
Can someone explain why this is? And I think what I need is the one that I got from the ready-made exe. How do I write my code?
If you have signed it with Android Studio, you can read this.
If its an app you've already published you can get its signature fingerprint from your Google Play Console as given by me in an earlier separate answer.
If its someone else's apk, you might want to ask them for those singing fingerprints for SHA1, SHA256 and MD5. There is no other way of retrieving the signing keys.
How Google Play App Singing works
You digitally sign each release using your upload key before
publishing it to a track in the Play Console.
Google Play uses the upload certificate to verify your identity and then re-signs your release using the app signing key for distribution.
Each Android device checks the release’s app signing certificate matches the
certificate of the installed app before updating it.
More about app signing here.
A certificate fingerprint is a short and unique representation of a certificate that is often requested by API providers alongside the package name to register an app to use their service.
The tool(HashMyFiles) that you use will provide you with a hash value of the Application and not the MD5, SHA-1, SHA-256 fingerprint.so you should use the android keytool to get the fingerprint certificate for your app, also remember each build variant of your app can have different fingerprint and it is important to have a separate fingerprint for your release build.
If you want to know more go to :Authenticating Your Client
I have google login in my app which was working completely fine before publishing my app.But after publishing i am unable to sign in due to change in SHA key. So to change this i'm following steps in Released Management->App Sigining on my play console.
I have downloaded PEPK tool but for step 2 I have command
$ java -jar pepk.jar --keystore=foo.keystore --alias=foo --output=encrypted_private_key_path
I dont know what is foo.keystore, foo and encrypted_private_key_path
can any one please help me on this?.
While working with any of the APIs related to Google Developer Console in Android, you need to configure two different SHA1 keys, i.e. one for debug and one for release. It happens most of the times that, we forget to to generate the SHA1 key for release version. I believe following link will help you to generate SHA1 keys for both the versions.
SHA1 Key for DEBUG & RELEASE ANDROID STUDIO MAC
If you are using Google Play Signing to allow Google Play to sign the release version of your app for you, then you will need to register the SHA1 key from the release version of your app with the authentication console. You can get this key following the instructions here:
https://support.google.com/googleplay/android-developer/answer/7384423?hl=en-GB
"If your app uses any API, you will usually need to register the certificate of the key Google signs your app with for authentication purposes. This is usually done through the fingerprint of the certificate.
To find the certificate of the key Google uses to re-sign your APK for delivery:
Sign in to your Play Console.
Select an app.
On the left menu, click Release management > App signing.
From this page, you can copy the most common fingerprints (MD5, SHA-1 and SHA-256) of your app signing certificate. If the API provider requires a different type of fingerprint, you can also download the original certificate in DER format and run it through the transformation tools that the API provider requires."
The latest Firebase Cloud Messaging panel has an optional Debug signing certificate SHA-1 field when registering a new app. The form states that the certificate is:
Required for Dynamic Links, Invites, and Google Sign-In support in Auth. Edit SHA-1s in Settings.
There are many online resources (example) on how to get the certificate, but I could not find a proper explanation about its purpose, what is the difference between release and debug, and why Firebase takes only for the latter.
What is the purpose of the SHA-1 certificate, and what are the differences between the release and debug versions?
As I understand, certain Google Play services (e.g. Google Sign-in) require providing the SHA1 fingerprint of the certificate used to sign the app. When developing an app using Android Studio, the IDE creates a self-signed debug certificate which is used to sign the app in development. You need to register the fingerprint of this certificate with Firebase console in order to access Google Play services.
You can find more info in the following articles:
https://developers.google.com/android/guides/client-auth
https://developer.android.com/studio/publish/app-signing.html