Recently Google has asked me to remove one permission (SEND_SMS) from my android app and republish it. The problem is that I got this prebuilt app from some company and now they are asking for extra amount for only changing this permission. During initial purchase also I had told them not to include but they kept it. Now I want to edit android menifest by removing the permission for SEND_SMS, rebuild and sign the app and publish.Please note that I don't have the source code of the project, but my work I believe is only limited to android menifest. Is it even possible? if yes, How?
Thanks,
Abdul Wahid
Even if you manage to manipulate the manifest, you still can not sign the .apk. You would need the keystore file to sign it for publishing.
If you still have the keystore, then you can use apktool to decompile the APK, modify the manifest to increase the versionCode and remove that permission, then recompile it (still using apktool). Finally, re-sign the APK with apksigner using the keystore you have and publish the modified APK to Play Console.
Related
For upload my application on google playstore. I have generated signedapk so my question is after made few changes in code of the app Shall i generate signed apk again ?
Yes.
You done some changes in your code.
if you want your changes generate apk.
There is no other way to do.
Yes it's mandatory to resign the APK whenever you want to regenerate the app, otherwise the application will not be updated if you are using Google Play
https://developer.android.com/studio/publish/app-signing.html
Definitely. before uploading application to the Play Store, you should always generate signed APK.
It would be better if you do it with ProGuard, it will provide security to your application.
There are several other things to taken care of while generating signed apk.
Proguard
Enable Minify
Shrink Resources
String Localization
Turn off Logging and Debugging
Delete unused files
Change Version Name and Version Code
Test your application throughout after doing all these things, there are chances that some things might not work after enabling Proguard and shrink resources. So its better to solve them and build apk again.
For more information, you can visit this link.
https://developer.android.com/studio/publish/app-signing.html
I have published my app on Google play a few days​ ago and since then i had to uninstall and reinstall my Android studio. Now I don't have the signing key anymore. Is is possible to make the exact same or i can't update my anymore on Google play?
Signing key is a jks file independent from AS.
If you have lose that file, you can't update your app anymore.
As mentioned in this other answer
You can create a new keystore, but the Android Market wont allow you
to upload the apk as an update - worse still, if you try uploading the
apk as a new app it will not allow it either as it knows there is a
'different' version of the same apk already in the market even if you
delete your previous version from the market
Do your absolute best to find that keystore!!
When you find it, email it to yourself so you have a copy on your
gmail that you can go and get in the case you loose it from your hard
drive!
You have to save the jks file in a directory different from the Android Studio one. It is not related to Android Studio
I suppose if you change pakage name and app name it shouldn't give you any problem on google play console. But you can't update that one, sorry. Try your best to recover the jks file!
It's rather typical I suppose somebody asks app be developed and then publishes on Google Play. Then much time later publisher wants to make changes when having only apk file. Or somebody wants to make changes to his/her old app.
I need to change background picture of app of which I have apk only. I apktool then java -jar signapk.jar certificate.pem key.pk8 as I've found.
However upon installation it gives error same name conflicting signature. Can I keep signature when changing apk? Can virtuous-ten-studio or other app do that?
Added: how can I see key info (like name etc.) from apk? is it appropriate to put apk on Google Play signed with old certificate.pem key.pk8?
No, you can't do this. You need the original signing key used to sign the app.
I have an android app which is available on google play.
While creating an apk for release, there was a keystore that was created for signing.
My question is, if after the release, I have some enhancements underway (like facebook or google+ integration), which requires that the dev registers his app using the keystore, which keystore do I use?
Should it be the debug keystore (~/.android/debug.keystore) or the one that was created while packaging my app?
EDIT
Thanks for the answers so far.
To confirm, from the below answers I understand that, when testing this enhancement (before deploying the app to play store) & to register my app at facebook, I will be using the keystore that was used for signing the first apk file for this app and NOT the 'debug.keystore'. Correct?
But, while testing, wouldn't my app be sending 'debug.keystore', if I am building on eclipse platform? Or does the 'debug.keystore' become invalid once I have a new keystore generated for creating the previous apk file?
It's rather too confusing, and want to be clear with this...
You have to use, keystore which is used for generating apk file for playstore. Dont use another keystore, becoz it will give new one but wont updated the old one.
debug keystore (~/.android/debug.keystore) is not going to work for you.
As you mention that your application is already available in Google Play, that means while singing your application it ask Create new Keystore or use Existing one
Then choose Use existing keystore
Give your existing keystore path, and password.
This will give you a build that you can release in Google Play..
Before that make sure that increase the android:versionCode and android:versionName
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="YOUR_PACKAGE"
android:versionCode="1"
android:versionName="1.0" >
Hope this help you.
Plz ask if having any sort of problem.
You have to use your signing keystore which you used while uploading your app to developer console. The one that was created while packaging your app
only used for your signing keystore because already you release the application in play store so you can use new key that time is not release for updated version it's a one of the new application so you can use previous kestore for your updated appp.
I made an Android App and posted it in Android market, and now I'm made some updates on my Apps and trying to give a next version of the same app. The problem is I missed my KeyStore file I generated previously. But I'm having my old vesion APK file. Now I'm not able to upload the next version, the developer console says
The apk must be signed with the same certificates as the previous version.
as error. May I get any help to make new version for my android app now..?
There's currently no way of retrieving a lost signing key. What you can do is get a new one, pull your app from the market, and upload your update using a different package name.
Sorry, as far as i know you are not allowed to update your application now.
To update existing application on market, you must have that KeyStore file and also remember the password.
Your best bet is to unpublish the old apk and publish a new apk signed using a new keystore.
Please make sure that you have the previously used key store file with you
As per the documentation available on developer.andoird.com you must do the followings
Before uploading the updated application, be sure that you have
incremented the android:versionCode and android:versionName attributes
in the element of the manifest file. Also, the package name
must be the same as the existing version and the .apk file must be
signed with the same private key. If the package name and signing
certificate do not match those of the existing version, Google Play
will consider it a new application, publish it as such, and will not
offer it to existing users as an update.