I want to release a new application. And I have created a keystore specifically for that application. When on the Google console I accidentally clicked on enabling Google Play App Signing. My APK upload failed because it did not match the application signer. I have long lost the application keystore before. How can I release a new application with a new keystore? Explanation from Google makes me even more confused, can I give me the order that I have to do.
My error on console looks like this:
And the upload certificate section is written like this:
Your application does not have an upload certificate. The certificate
you use to sign the first APK will be used as an upload certificate.
While generating signed APK, Just check on Both signatures version i.e
I want confirmation that I have found the answer, via this link
[Android Signed APK showing as Unsigned APK when trying to upload to production
I have to check both options when generating a signed APK.
There are three choices available to us:
select V1 (For older version of signing) - apk gets uploaded
successfully
select V2 (For newer version of signing) - Please note that selecting
this alone will not work.
select V1 and V2 (For older and newer version) - apk gets uploaded
successfully
Why selecting V2 alone does not work ?
Because APK Signature Scheme v2 was introduced in Android 7.0
(Nougat). To make a APK installable on Android 6.0 (Marshmallow) and
older devices, the APK should be signed using JAR signing before being
signed with the v2 scheme.
thank you for participating in helping find answers
Related
we are developing a mobile application for one of our clients, and the client currently has an app version on Google's Play Store.
The current app has been developed by an external vendor A, so our client has been uploading the apps with his signature.
Now, we want to go on production with the new app developed by us (We are the vendor B).
The client has given us the keystore file used for signing, the key alias and the password, so we are able to generate an APK with the same package name (com.myclient.myapp). We are signing with V1 (The same way the old app has been signed).
The problem starts when we try to update from the old app to the new one. In an Android device, we install old app, and then we try to update to the new one. Android does not allow us to install the new signed APK because understands that the signatures of both apps seems to be different.
We need help on this topic. Can you please help? Thanks a lot in advance!
The package name's should not be matched with the earlier vendor with your changes.
Check the gradle versions before generate the signed APK and upload to playstore.
Check in the manifest the version name and version code are updating.
While generating the signed APK check the check boxes of all with signed full APK.
"App signing by Google Play" is a two step process. You sign the APK with an upload key and then Google checks this signature and resigns the APK with another key.
If this was used for the old App you will not be able to upgrade an App downloaded from the store with one that was locally signed because the signature key is different.
It will however work if you upload the new App to the Play Store.
I'm using google drive api in my app which works fine on both debug and release builds when I install it using .apk file.
But if I publish the same release .apk on playstore and then download it from there I can't sign in to Google.
All I can find regarding the issue is that people aren't using release keystore to generate credentials on Google's developer console, which is not the case for me.
I found a problem:
Check if you have been enrolled in App Signing program under Release Management. If yes, there must be two certificates - upload and App signing.
Copy Sha1 of App Signing certificate and create new OAuth client ID in developer console.
Then go to Firebase Project settings, add copied fingerprint to your app and download google-services.json.
Replace your existing google-services.json in android studio with downloaded one and you are good to go.
I have no idea when or why I enabled this thing. It replaces signing certificate of your uploaded application with the new one.
I have a quite normal app for Android which requires no permission at all. I wanted to upload the APK to the Google Play Developer Console.
In Android Studio, I pressed Build --> Generate Signed APK... --> I filled in the correct passwords --> Next --> Build Type debug --> Signature Versions only V2 (Full APK Signature) --> Finish.
My loggs tell me: APK's generated succesfully.
I go to the Google Play Developer Console --> Release management --> App-releases --> Edit bèta release --> Upload APK.
When I upload the APK that's just created I get the following error from Google:
Upload failed. You have uploaded an unsigned APK. You must create a
signed APK.
This is very irritating, because it happens always when I try to upload an APK, which is signed according to me. I tried several ways. What have I done wrong?
You need to choose Build type Release and check both signature versions V1 and V2.
Signature Versions
Android 7.0 introduces APK Signature Scheme v2, a new app-signing
scheme that offers faster app install times and more protection
against unauthorized alterations to APK files. By default, Android
Studio 2.2 and the Android Plugin for Gradle 2.2 sign your app using
both APK Signature Scheme v2 and the traditional signing scheme, which
uses JAR signing.
Signature V2 is optional, but signature V1 is mandatory for distribution on Google Play.
I made an app and I published it on the PlayStore.
I made an update and now I'm trying to re-import it into the Android publish web site.
I generated my app like this : (with Android Studio)
Build
Generate Signed APK...
I choosed my app
Click "next"
And I used the same key, same password etc ...
The apk is succefully generated (and signed).
But when I tried to upload the app on the publish website (to update the app online) it tells me:
You have imported an APK file without a signature. You must create an APK file with a signature.
Have you got an idea why it's crashing?
It's contradincting, Android studio tells me that the signed app is generated but the website tells me it's not a signed app.
EDIT :
I tryed to "Build -> Clean Project" and "File -> Invalidate Caches / Restart..." without success. I also tryed to make a new project, copy past all code and retry :/
I assume that you're creating your keystore correctly and none of the solutions in AMAN SINGH's answer worked for you.
There's a new signing scheme in Android called Apk Signing Scheme v2.
https://source.android.com/security/apksigning/v2
When you're signing your apk there're two checkboxes.
v1 (jar signing)
v2 (apk signing)
v1 signature is required, if the APK's minSdkVersion is 23 and lower. Android versions before Android Nougat (API Level 24) ignore v2 signatures so apks which don't have a valid v1 signature will be rejected by Play Store.
In Android 7.0, APKs can be verified according to the APK Signature
Scheme v2 (v2 scheme) or JAR signing (v1 scheme). Older platforms
ignore v2 signatures and only verify v1 signatures.
Edit:
Thanks Alex Klyubin for information.
I don't understand the language in which the image is there but if you already uploaded your APK once then,
*) You need to use same signed keystore signature which you used first time at generating signed APK.
*) Check your Manifest.xml, android:debuggable="true" if this is there remove this line or make debuggable="false"
*) check `versionCode' should be greater than last uploaded
*) Check versionName should be greater than last uploaded
*) Tick Mark in both the column while building the Signed APK
I have uploaded on apk file on the google play account,
apk i have created from eclipse by right click on the project and export and put following details in it
password,alias and developer units only.
and i have uploaded successfully on google play account.
But now problem is i have deleted this apk from local and also i am unable to uplaod any other apk if try to update 2nd apk with version code = 2 and version name = 1.0 then also it is giving me error that
The apk must be signed with the same certificates as the previous version.
So please help me to solve this issue now what can i do to upload a new updated apk in this application.
You are not using the same keystore file to sign your apks.
the .apk must be signed with the same private key. If the package name and signing certificate do not match those of the existing version, Market will consider it a new application and will not offer it to users as an update.
Taken from here,
The apk must be signed with the same certificates as the previous version
The only way is to sign your update package apk with the same key which you have used for the previous version. No other go. Google is strict about it.
For the same application you are updating it's version. Then there is
no need of having previous apk file but there should be same keystore
which you have used to sign the first apk file which is on google
play. Also follow the same steps which you have done for first apk
file.
In case you don't have same keystore then :( you simply cannot update the same application as of now.