I am getting old bugs on my app which were already fixed in previous builds, the weird thing is these bugs only occurs when I download my app from the playstore. The app works without any bug or crash when I download the apk from my playconsole release dashboard or internal test(I tried both the original and modified download option). All of the apks are the exact same build version.
I have already tried to check the hash of the apks by doing the following:
Download apk from internal test dashboard (modified version)
Download apk from release dashboard (modified and original versions)
Download the app from playstore then get apk via adb
Then I generate hash using the command
openssl dgst -md5 appname.apk
and got same hash for apks from 1 and 2. However, for 3 the hash is different and it's also the only apk with all the bugs that were already fixed. I am not sure what causes this and I don't know it normally the hash from store and release dashboard are normally different. Thankyou for any help.
When you upload your app on play console, its again re-signed apk using PEPK tool for security. That's why you get different SHA-1 key from play console.
You can get more information from this link
You'll get setps for getting this SHA-1 back from your play console. Download PEPK.jar from your console & get SHA-1 key via cmd.
This will help you. see this command
Related
I am struggling a lot with google and Facebook sign-in in my android app. Everything works well with release build if preparing in APK format but not with.AAB format. I have followed all steps required for signing a build related to the SHA1 key.
Setup the Firebase application
Add the debug, release SHA1 key to the firebase
Add the SHA1 signing key from the google play issue after uploading the app.
Then download the google-service.json file and then prepare the bundle (.aab) but still, it's not working.
For facebook sign in also works with release apk but not with .".aab" file
App uploaded to google play and then download it but still, it's not working.
I tried to debug the ".aab" and it throws the "result code 0", the debugging I have to perform on the ".aab" file through the AAB installer app.
I followed various articles on stack overflow and other sources but none of them worked. Seems problem only with Bundle (.AAB) file releases only.
Facebook login in my android app is working fine in release apk, but not working properly after publishing the same apk on play store
google signIn not working in release mode apk android
enter image description here
the same thing happened to me and I solved the problem in the following way:
Unlike with .apk, when uploading an .aab (app bundle), google now forces you to sign the file and it does so by default. when google signs it, it does so with a SHA1 that you can only see by accessing your google play console account in the signature section: (if you dont see the link, search in google by "Google Play Console - Play App Signing")
https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwiIn4b9j5PzAhVIndUKHfJEAuAYABAAGgJ3cw&ae=2&ohost=www.google.com&cid=CAESQOD2TOEC6QJViajlQLRKWuvyHeLErSwY_0eyjSXNXz3AzjyZhnMyB4frcnJdvfIXrAYvu5aNaGiEi2zTH_tFodY&sig=AOD64_2z6obL_QhyUwCO5ViGSBr7v6_mCQ&q&adurl&ved=2ahUKEwjElf78j5PzAhWCy4UKHUo2A5QQ0Qx6BAgCEAE
This is where you can see the SHA1 used by google: this SHA1 is the one that you must put in the firebase configuration (not the sha1 of your private signature in the aab file, but the sha1 of the google signature)
If you are using .aab then simply logon to play console and follow the steps
Select your app
Under release navigate to Setup menu
Click on App Integrity
A screen will open, then click on App Signing
Copy the SHA1 key and paste where you want to use.. :)
See this image for steps
I have spent around two days to fix this problem and finally I did it, it is just missing SHA certificate fingerprints.
For the APK file it is working fine and when I have used the AAB file and install it in device then Google Sign In didn't work.
You can find the SHA-1 certificate fingerprint from Google play console by following steps:
Login to Google play console.
Select your application.
Go to Setup section from left side.
Select Internal app sharing and click on it.
Here you can find the Internal test certificate and SHA-1 certificate fingerprint, please confirm it is missing in your Firebase project or not, if it is missing then just add it and it is working fine with AAB file too.
0
If you are using .aab then simply logon to play console and follow the steps
1- Select your app
2- Under release navigate to Setup menu
3- Click on App Integrity
4- A screen will open, then click on App Signing
Copy the SHA1 key and paste to you firebase console under android project
https://console.firebase.google.com/
This is unreasnable and painfaul.
After update firebase settings by Sha-1 from google play console
and generate signed APK all worked fine
but .aab worked only with me in internal testing not when upload it to third party like appcenter
In order to migrate my app from .apk to .aab I went through the App Signing process that Google Play requires.
I installed Java jdk-14.0.2.jdk (because I purchased a new mac with OS 10.15.5 and it kept saying I don't have Java) and ran the below command from the terminal in the directory that I downloaded pepk.jar from Google Play to
$ java -jar pepk.jar --keystore=user.keystore --alias=bball\ battle --output=encrypted_private_key_path --encryptionkey=eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a52912392761fb833b656cd48b9de6a
Then I uploaded the resulting file encrypted_private_key_path so now I can see all of my app signing info under the App Signing section in the dashbaord.
Then I selected my user.keystore in unity publishing settings, put in my password, and built the aab file. But when I uploaded it to google play I got a message:
“You uploaded a debuggable APK or
Android App Bundle. For security
reasons you need to disable debugging
before it can be published in Google
Play.nullLearn more about debuggable
APKs or Android App Bundlesnull.”
So then instead of using user.keystore I renamed encrypted_private_key_path to encrypted_private_key_path.keystore and selected that in Unity player settings. But when I select it in publishing settings, it says
"Unable to list keys in the keystore.
Please make sure the location and
password of the keystore is correct."
I know I am using the correct password.
Could this be because Unity is using OpenJDK, but I ran the pepk.jar command using Java jdk-14.0.2.jdk?
Does anyone know how to resolve or troubleshoot this issue?
Hey you are supposed to use Java NDK to build the aab the process is pretty much simple im providing a link of a youtube video can check that but make sure to uncheck the development build and check android app bundle box
https://youtu.be/j0L3SDYyMJI
And for the key if the key isnt working you can contact google that you lost the key and i guess you can generate a new one
According to the manual I received from the consignor,
ALIAS_KE.RSA/ALIAS_KE.SF is added when the jarsigner command is
executed.
When I uploaded to Google Play Console, I was told that
ALIAS_KE.RSA/ALIAS_KE.SF cannot be used because the Level of SDK is
16-17.
When I unzipped the past apk given to me by the consignor, I found that it was signed with CERT.RSA/CERT.SF.
However, the consignor does not have any signing instructions left and I am having trouble.
How can I sign CERT.RSA/CERT.SF in the Android apk file?
The files in the META-INF directory (including *.RSA and *.SF) are never signed.
You haven't provided the exact error from the Play Console so difficult to say what exactly is going on, but the issue is likely to be that the strength of the key you used to sign the app is not supported on devices on Android SDK 16, and because your app must have minSdkVersion=16, those devices would not be able to install your app properly.
E.g. maybe you used SHA-256 as part of the signing algorithm but those devices only support up to SHA-1 or something like that.
You can have more information by running:
apksigner verify --verbose release.apk
Hello all I have an APP on play store and I uploaded the bundle file first time and kept the keystore save it and then uploaded to playstore. After some time I updated the APP with version 2 and used the keystore app signing key which I created in the first time it got uploaded
But now I am doing the same and the playstore say
your Android App Bundle is signed with the wrong key. Ensure that your
app bundle is signed with the correct signing key and try again
I don't know what to do here, its so bad I am stuck here This is my first APP and I already have this signing issue can you suggest me how to upload the new versions of APP on playstore and fix this signing key issue.
Check for the key store you use with the app is correct and no changes made on it.Try again.And also ensure that the key store you are using is of the same app not of any other app.
There a different approaches to overcome this problem. See also the link code4rox provided though nothing of these proposals worked for me and I wasted many days and nerves. My suggestion to you would be:
Reset the old keystore with the support of Google Play Developer Support (Play Console)
Create a new keystore with your IDE
Convert the new keystore to a .pem file with JDK's command line tool "keytool" or use "KeyStore Explorer" (open source GUI replacement for the Java command-line utilities keytool and jarsigner)
Send the .pem file to Google Play Developer Support.
Two days later you can update your App with the new keystore.
I have uploaded an app and selected enroll it with "App Signing". I had no problems when uploading the first APK and it got uploaded successfully.
Today I tried to update that app and incremented the versionCode to 2 and versionName to 0.2 and used the same signing key as with the first APK, built successfully.
Now when I tried to upload it on google play it gives me following error:
I researched a bit and got to know that I have to link the upload_cert.der file generated by play store with my keystore. I did that using the following command:
.\keytool -importcert -file ~\upload_cert.der -keystore ~key.jks
and again built the project but even then while uploading the APK I get the same error as above.
I researched all the posts relating to it but everyone seem to be having this problem with "App Signing enrolled"
Can someone guide me with the correct steps of using upload_cert.der to update the next version of the app
Check out the answer here.
Uploading after app signing . You've to use the 2nd certificate which you create at the time signing. This type of error comes only when you're using same .jks file for signing and uploading