I'm getting this error when uploading my app to the Google Play Store. What am I doing wrong?
You uploaded an APK or Android App Bundle signed with a certificate that is not yet valid. You need to sign your APK or Android App Bundle with a certificate that is currently valid. Find out more about signing. You need to use a different package name because "com.example" is restricted.
Google play will not allow you to upload packages with the name com.example. Rename your packages from com.example.* to com.sonib.* (for example)
Click the link in the error message to learn how to sign your app with a valid certificate. Follow the steps to get a certificate and sign your app. Note: You may need to purchase a secure certificate. This is required to upload public applications to the Google Play Store.
How to sign your app: https://developer.android.com/studio/publish/app-signing
Here is one example of where to buy a certificate: there are many possible vendors, so feel free to shop around.
Where to buy a certificate: https://www.websecurity.symantec.com/code-signing/android
The error message you provided says com.example is restricted as APK package name, so the issue is clearly that you named your application this, which is invalid on Google Play.
Change your project name and you should be good to go.
I have not run into this issue on the Google Play Marketplace, but I would imagine you will also get the same error of you attempt to use the same package name as an application already published in the store.
As far as the certificate goes, I am assuming you are using Android Studio. Simply build a Signed APK from the build menu. This is how I create the APKs I publish on Google Play and I have never had an issue.
Related
The end goal is to collect application logs from problematic devices of users who post reviews in Play Store. This is achieved by sending a support build (release build with logs) to such users and asking them to reproduce an issue and send logs.
APK signing (OK)
When classic signing scheme (without android app bundles) is used, steps are as follows
generate release and support apks and sign them with the same key
upload release apk to Play Store
upload support apk to a cloud and provide a downloadable link to it
User can now download a support build by a link and install it over release version from market. When new version is available in Play Store, user can successfully update support build to that version.
Google signing (FAIL)
With android app bundles signing, I tried the following
generate release app bundle and sign it with upload key
upload release app bundle to Play Store
generate support apk and sign it with the same upload key
upload support apk to a cloud and provide a downloadable link to it
⚠️ However, users cannot install support build over release build from Play Store, because release build is re-signed by Google (signatures do not match).
I tried to solve this in following ways
a. Sign support apk with the same key that Google uses to sign release bundle.
FAIL: Cannot find the way to download the Google key.
b. Upload support bundle and let Google sign it. Download signed support apk from Play Console.
FAIL: Can only download a set of apks for a specific device. Cannot install them manually.
c. Use Internal app sharing. Upload support bundle and copy a download link.
FAIL: apks for internal sharing are signed with a different key - signatures do not match
My questions
Is there another way to achieve the end goal (get logs from market users)?
Do I miss something in my attempts I mentioned above? Specifically,
is it possible to download a real signing key from Play Console?
is it possible for an average user to install a set of apks generated from an app bundle?
Re-using the same upload key does not mean that Google will re-sign the APK with the same app signing key.
If you want the support APK to be signed with the same key as your main app, you need to request it explicitly when you enroll in App Signing by Play:
To answer your other questions:
It is not possible to download the signing key from Google Play.
The best way for an average user to download APKs generated from App Bundle is from Play. You can provide a link to any version you published that they can open directly on their device. If you meant sideloading APKs generated from App Bundle, then it is not easy for the average users since that will require running a command line tool (bundletool).
Your best option in this situation is to create an Internal Test track in Google Play console, and invite the user in as an internal tester. Upload your debug bundle into the Internal Test track, and using Bundle Explorer you can copy the direct build URL and share that with the user.
They will need to opt in to your beta program first, and "join the beta" on your app's Play Store listing.
I am managing a mobile application that was first published by another person and I was on my way to release the first update on my own but I couldn't.
Used technology : react-native
What I did:
Followed official react-native doc on how to publish (create keystore, configuring project accordingly, generating aab, uploading it to Google Console)
When I uploaded my .aab file, I got the following error
Upload failed
Your Android App Bundle is signed with the wrong key. Ensure that your App Bundle is signed with the correct signing key and try again: SHA1: *SHA1 Key*
I understood that there is a key problem but I couldn't know what would solve it, I tried downloading the keys provided in the Google Console but that also was a dead-end !
What can I do ? Can someone explain how can two developers (or more) manage the releases of the same application ?
You have to basically have the same signing certificate which was used to upload a build in the first place and use the same certificate they have used to originally sign the app. Otherwise you cannot publish a new update for the app. if you have lost the certificate, you can contact the google team.
Hope it helps. feel free for doubts
we are developing a mobile application for one of our clients, and the client currently has an app version on Google's Play Store.
The current app has been developed by an external vendor A, so our client has been uploading the apps with his signature.
Now, we want to go on production with the new app developed by us (We are the vendor B).
The client has given us the keystore file used for signing, the key alias and the password, so we are able to generate an APK with the same package name (com.myclient.myapp). We are signing with V1 (The same way the old app has been signed).
The problem starts when we try to update from the old app to the new one. In an Android device, we install old app, and then we try to update to the new one. Android does not allow us to install the new signed APK because understands that the signatures of both apps seems to be different.
We need help on this topic. Can you please help? Thanks a lot in advance!
The package name's should not be matched with the earlier vendor with your changes.
Check the gradle versions before generate the signed APK and upload to playstore.
Check in the manifest the version name and version code are updating.
While generating the signed APK check the check boxes of all with signed full APK.
"App signing by Google Play" is a two step process. You sign the APK with an upload key and then Google checks this signature and resigns the APK with another key.
If this was used for the old App you will not be able to upgrade an App downloaded from the store with one that was locally signed because the signature key is different.
It will however work if you upload the new App to the Play Store.
I made an app & then created an APK, generated a signed APK (I was using AndroidStudio 3.0).
I tried to post it, but I had this issue: "You must use a different package name because "com.example" is restricted." I searched on youtube then I solved this issue.
Now I have another issue when I publish my APK to Google Developer Console. The APK is signed I don't know why this doesn't work....
The error is: "You uploaded an APK signed with a certificate that is not yet valid. You must sign the APK file with a certificate that is valid"
You should read the whole of the article on "Manage your app signing keys" then maybe re-ask the question when you understand it a little better.
Every app on android is signed. Google will do the signing for you if you opt-in to Google Play App Signing (you should) but you still need to sign your app with an upload key so that Google knows it comes from you, and not some malicious attacker who has taken over your account.
This upload key can be replaced by the Play Console support team, but you should only need to do this in an emergency. Until then you should generate an upload certificate, sign your app with it, and keep the certificate safe.
All the instructions for how to generate an upload key, and sign your app with it are in the article linked above.
I just published my first game a couple hours ago. I tested it by adding email accounts under "testers" and Google Play Sign in worked perfectly. However, after clicking publish on the game service, and publishing the app that was linked to the game service (leaderboards and achievements) I can no longer sign in!
What is the problem?!
update
If I install the app from Android Studio by running the project, I can connect. However, downloaded from the play store I am unable to connect! Did I miss some sort of licencing step or something?
You probably published a version of your app that was signed with your local debug key to the Play Store.
As mentioned here:
You should create two client IDs, one with the release certificate fingerprint and another with the debug certificate fingerprint, and use the same package name for both. To learn more about how to specify the signing certificate in the Google Play Developer Console, see Signing Your Applications.