I bought an application but when I upload it to the google play this message appears
I have searched a lot and nothing has worked out. I would like some help
You have to make build with keystore used to make build which is currently live on developer console.
WHen you say you bought an application, do you mean you bought an application already on the play store? If so, they should have given you the signing key and passwords. Use that to sign your app. If they didn't, you need to get it from them. If they don't have it, you need to contact google. Good luck with that, as you'll need to prove somehow you're the new owner. You really better hope they gave you or have the key.
Problem : maybe you not chose the signatures v1 v2
https://i.stack.imgur.com/yhIqB.jpg
As already mentioned, the key you generated the apk with is not to the one it should have, so you made some mistake at generating the signed apk in Android Studio by missing your key file. So you maybe just created a new one instead of using the old one
You have not signed the application with a different .keystore file.
If you are using xamarin the keystore file path;
C:\Users\your user name\AppData\Local\Xamarin\Mono for Android\Keystore
if you are using android studio, you must find your previous keystore.jks file. This file must have same md5 your error said.
You can see your keystore files md5 and sha1 codes with this command;
keytool.exe -list -v -keystore "%LocalAppData%\Xamarin\Mono for Android\debug.keystore" -alias youralias-storepass yourkey-keypass yourkey
Related
I am trying to create a playstore release.
I've followed the guide to create an upload key and keystore, to the letter: https://developer.android.com/studio/publish/app-signing#generate-key
I have then generated a signed app bundle of my app with the upload key, exactly as stated here: https://developer.android.com/studio/publish/app-signing#sign_release
Which resulted in a file named: app-release.aab
Now, because this app is brand new, and has never been released before, there is no need to export the encrypted key and "opt in an existing app into Play App Signing" as I already opted in to this when I created the new app listing in the play console and, of course, I've never uploaded an APK signed with another key for this app listing before.
Next, I go to the play console and create a new production release. When I upload the app-release.aab file however, I see the following error message:
"The Android App Bundle was not signed."
Which is completely baffling.
As far as I can tell, I have followed the instructions to the letter, and I have attempted to do some research on google but I'm finding no answers.
Could anyone with experience of this process help me?
EDIT:
What I did not understand about the entire process, was that I am asked to generate the upload key locally but never actually upload the key to the google play console - how on earth does Google know that the app is signed with the upload key, if they've never seen the upload key? But, no where in the documentation of generating the upload key is it stated that I am supposed to do anything with the locally generated key other than use it to generate the signed app bundle locally, which is exactly what I have done.
EDIT 2:
Here are screenshots showing the process I am following to create the upload key and generate a signed bundle of my app with the upload key:
And then, rather oddly, the result of running keytool -printcert -jarfile app-release.aab from the directory where the bundle is:
You can verify if the app bundle you upload to Play is signed by running locally one of the following commands:
Using jarsigner:
jarsigner -verify app.aab
Using keytool:
keytool -list -printcert -jarfile app.aab
If it says the file is "verified" (or you see the certificate being printed when using keytool), then you AAB is indeed signed. If it is, make sure you upload the right file to Play Console, and if it still doesn't work, contact the developer support.
If it says the file is not verified/signed, then make sure you have selected a keystore in Android Studio when you generated the signed bundle and ensure the build succeeds.
If all else fails, do a full Clean Project and try again.
how on earth does Google know that the app is signed with the upload key, if they've never seen the upload key?
Google simply extracts the certificate from the first APK or AAB you upload and considers this the upload certificate. Every subsequent upload will have to be signed with the same key, but the first one can be signed with anything.
I tried building a release package that was set to 'debuggable true' to upload to my test-channel, to debug the release key hash and got this problem. I thought I had ruined something trying to get the key hash with keytool and openssl, like that I changed something that made it stop working, but it was just because I made the release debuggable in the build.gradle buildTypes. Just a helpful thought to those who comes here next in case they have the same problem.
I had to rebuild the project before signing it.
I was having a similar problem (just a few days ago).
I was able to resolve my problem (and I don't know why) by running the following command on my .jks file and then going through Android Studio and generating the signed app bundle again.
$ keytool -list -keystore 'fakeNmae.jks' -storepass
fake-password-same-one-i-used-in-android-studio
Use the command exactly as you see it except of course replace your .jks file name with the one above (make sure it is between single quotes) and then add your password after the -storepass command.
Hope it helps you too.
Here's the entry I posted here on SO about the problem.
Using app bundles and play app signing is currently the way recommended by google to deploy new apps on google Play. And starting from August 2021 new apps will be strong-armed into using these formats.
How do I set this up in Unity, and how do I configure the app in Google Play?
I haven't gotten 2019.4 app bundle builds to sucessfully upload to play console, so it's probably a good idea to upgrade to the 2020.3 LTS before you start (as that's what finally worked for me.
Configuring Google Play App signing
First create a new app in Play Console, give it a name, accept terms etc.
Then, click Internal testing on the menu on the left side, and create a new internal release.
In the first question, click Change App Signing key, Use a different key and then select the third option, where you can upload your existing key (and an optional step with to add an upload key) to Google Play.
Now, don't just follow the instructions listed on Google Play, as you will end up with an upload key store that Unity doesn't know how to deal with.
Instead, using Unity, we will create two key stores and two keys. The first one is the app signing key, which you will only need to see once when uploading it to Google Play, then Google will take care of it and use it to do the final signing of your apps after you've uploaded your app bundles.
Go to Player settings → Publishing Settings → Keystore Manager → Create new in dedicated location
You don't need to fill out everything. Just the password, key alias and key password. It doesn't matter what you call the key. Don't configure Unity to use this key just yet (we'll create another key and keystore for Unity to use shortly).
Follow instructions 1.-3. on Google Play to upload this new key using the pepk tool.
Then, you need to create an upload key and keystore. Unity will use this key to sign your app bundles. Again, do NOT use the instructions on Google Play to create this key, instead use the Unity UI to create another key store that plays nice with Unity.
The passwords and alias could be whatever you want I named my key uploadkey, but make sure to keep the key store and passwords somewhere safe, you will need these later, or you'll have to create new keys and talk to Google support to reset it.
When prompted, click yes to configure your project to use this new key.
When you've created the key store and key export its public key to the .pem format...
keytool -export -rfc -keystore upload.keystore -alias uploadkey -file upload_certificate.pem
...and upload it to Google Play.
Click Update and then Continue in Play Console.
Play store should now be ready to accept your .aab files.
Configuring Unity
Hopefully, your project is now set up to sign using the upload key you just created.
Make sure to set the package name yourself by going to Player Settings → Other Settings Override Default Package Name . Type in something appropriate in lower-case characters only, the default package name has uppercase characters, which I think is just begging for problems. You can't change this later, or you'll have to create a new play store entry, so make sure it's something that's acceptable for customers to see, i.e. com.yourcompany.gamename.
It's also a good idea to enable 64-bit builds in player settings otherwise, google play will complain later. Switch Scripting Backend to IL2CPP and then tick ARM64:
Tick Build App Bundle in Build Settings.
Click Build and build your .aab file
Then upload it to the Google Play Console:
If you're lucky, everything went smoothly, and you can click save and be ready to start testing your app.
If not, you may get helpful error messages, in which case just follow them, if not and they're really non-descriptive (like "Couldn't upload. Try again."), then try temporarily uploading an .apk instead, as that sometimes gives better error messages, then switch back to .aab when you've solved the issue.
In Unity 2020.3 you can use a jks upload key in Unity that was generated in Android Studio and keep "Let Google manage your key..." selected.
To generate a key, install Android Studio and create an empty Android Studio project then once gradle settles down, choose Build > Generate Signed Bundle. When it prompts for a keystore, create a new one and save it where you want. Cancel out, then in Unity select the jks you saved as your keystore in publishing settings.
You should be able to generate an aab package in Unity using the jks as a custom keystore to upload and still let Google manage the signing key like they recommend.
After struggling with uploading an app bundle, I realized one extra thing :
Don't use any forbidden characters in your password for the keystore in Unity ! This includes spaces and brackets, maybe not only...
If in doubt, try creating the key with Java keytool command line and it will tell you your password contains characters that can't work... Even just type the command line into a terminal and you'll see your password makes the command line break !
keytool -genkey -keystore yourfile.jks -dname "n=Mark Jones, ou=JavaSoft, o=Sun, c=US" -alias android -keypass YOUR PASSWORD -storepass YOUR PASSWORD -keyalg RSA -keysize 2048 -validity 2000
Maybe special chars are allowed in the Unity key generation panel but not in keytool ! Unity should fix this issue, it was driving me nuts ;)
Peace :)
FOR ALL YOU BEAUTIFUL FOLK WHO GET STUCK AT THE LAST STEP! - READ THIS!
Blockquote
When you've created the key store and key export its public key to the .pem format...
keytool -export -rfc -keystore upload.keystore -alias uploadkey -file upload_certificate.pem
...and upload it to Google Play.
Blockquote
Click Update and then Continue in Play Console.
THIS part drove me NUTS trying to figure out what the hell you meant by that. I know it's down to the fact that I'm a complete noob at this but the rest of the tutorial was AMAZING!
So let me clarify for those newbies (like me) who might lose the plot when they get to the last step and can't figure out what the hell to do.
At this point in the tutorial:
Blockquote
and upload it to Google Play. Click Update and then Continue in Play Console.
Here is what you have to do.
If you have already uploaded the FIRST signing key you were asked to make in unity (NOT the upload one), then simply go back to the INTERNAL TESTING page and refresh it.
Click CHANGE APP SIGNING KEY and then select the third option again: "Export and upload a key from Java keystore"
Click UPLOAD GENERATED ZIP and upload the .zip file that was created during the first steps.... I named mine output.zip
At STEP 4 you will see a link called "SHOW INSTRUCTIONS" - Click the link and upload your public upload certificate that was generated in the last step. The file ending with the .pem format
Click SAVE and it should work.
NOW the next part got me. I didn't know what to do from here. The project is ready to accept the .aab files but DO NOT DO THIS JUST YET!
Learn from Mr Impatient himself (that's me), read the rest of the tutorial. Changing the file name to all lowercase is good practice to prevent issues later with CamelCaseFileNames.
FINALLY
You might get an error that says your target Android API is too low. Simply go to the UNITY PROJECT > FILE > BUILD SETTINGS > PLAYER SETTINGS > OTHER SETTINGS > and half way down the page change MINIMUM API LEVEL to "31" or above as instructed by the Google Prompt you WILL get if you ignore this :)
You can do this through Unity, it will download the latest version of the Android SDK (it opens a powershell terminal - DO NOT CLOSE THIS).
Once that's done, and you've completed all the steps listed above, then and ONLY THEN are you ready to compile your .aab file and upload it to the Google Play Console.
Finally, I want to thank the author of this tutorial BobbaLuba for his amazing efforts. After 7 hours of messing around in Unity -> Android Studio -> Google Play and almost abandoning the thought of releasing my app on Google .... it worked!
You are amazing sir. I tip my hat to you. Keep doing what you do. I for one, am eternally grateful .... I am emotionally, mentally and physically drained. I'm off to bed. Thanks again!
Good luck my little code monkeys!
Peace out
- NewbNinja
When trying to install a signed application (app-release.apk), a "Blocked by Play Protect" alert is shown and the app is not installed. However, an unsigned application (app-debug.apk) can be installed without problems.
The error message:
Play Protect doesn't recognise this app's developer. Apps from unknown developers can sometimes be unsafe.
Why this error happened? What's the solution?
I found the solution:
Go to the link below and submit your application.
Play Protect Appeals Submission Form
After a few days, the problem will be fixed
Try to create a new key store and replace with old one, then rebuild a new signed APK.
Update: Note that if you're using a http connection with server ,you should use SSL.
Take a look at: https://developer.android.com/distribute/best-practices/develop/understand-play-policies
There are three options to get rid of this warning:
You need to disable Play Protect in Play Store -> Play Protect -> Settings Icon -> Scan Device for security threats
Publish app at Google Play Store
Submit an Appeal to the Play Protect.
Google play finds you as developer via your keystore.
and maybe your country IP is banned on Google when you generate your new keystore.
change your IP Address and generate new keystore, the problem will be fixed.
if you didn't succeed, use another Gmail in Android Studio and generate new keystore.
I am adding this answer for others who are still seeking a solution to this problem if you don't want to upload your app on playstore then temporarily there is a workaround for this problem.
Google is providing safety device verification api which you need to call only once in your application and after that your application will not be blocked by play protect:
Here are there the links:
https://developer.android.com/training/safetynet/attestation#verify-attestation-response
Link for sample code project:
https://github.com/googlesamples/android-play-safetynet
the only solution worked for me was using java keytool and generating a .keystore file the command line and then use that .keystore file to sign my app
you can find the java keytool at this directory C:\Program Files\Java\jre7\bin
open a command window and switch to that directory and enter a command like this
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
Keytool prompts you to provide passwords for the keystore, your name , company etc . note that at the last prompt you need to enter yes.
It then generates the keystore as a file called my-release-key.keystore in the directory you're in. The keystore and key are protected by the passwords you entered. The keystore contains a single key, valid for 10000 days. The alias is a name that you — will use later, to refer to this keystore when signing your application.
For more information about Keytool, see the documentation at: http://docs.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html
and for more information on signing Android apps go here: http://developer.android.com/tools/publishing/app-signing.html
If you are using some trackers like google analytics or amplitude and you are trying to release your app in another platforms other than Google Play, this errors appears for users. So there are two possible solutions:
Use special trackers in your app (firebase and appmetrica are tested and are ok)
Release your app in Google Play
it is due to expired of debug certificate
simply delete the debug.keystore located at
C:\Users\.android\
after that build your project the build tools will regenerate a new key and it will work fine.
here is a reference:
https://developer.android.com/studio/publish/app-signing
the solution lies in creating a new key when generating the signed apk.
this worked for me without a fuss.
click on Build
click generate signed Bundle/APK...
choose either Bundle / APK (in my case APK) and click Next
click on create new (make sure you have a keystore path on the machine)
after everything, click finish to generate your signed apk
when you install, the warning will not come.
I solved this problem by changing my application package name according to signature certificate details. At first I created application with com.foo.xyz
but my certificate organization was 'bar'. So I change my package name to com.bar.xyz and now there is no google play protect warning!
There is no very precise way to solve this problem, but the following tasks can be effective in solving the problem
Click Invalid Caches/Restart
Do the login process of Android Studio
Click generate signed Bundle / APK
Fill in all the "generate signed Bundle" information completely.
Do not use the same password. Make sure your passwords are different in
"generate signed Bundle"
different. Preferably enter the address of America with the code 01
It is probably sensitive to Persian, so it is better not to write in Persian in the program. Write the program menu in English and make it Persian in the next updates
Remove extra permissions
Finally, go to the site below and request a troubleshooting
https://support.google.com/googleplay/android-developer/answer/2992033?hl=en
Fill in the first and last name correctly
Upload the installation file, for example, in Dropbox, and copy the link
If you are using Dropbox, be sure to change the number zero at the end of the
link to one, then submit it or use link shortening sites.
If your request is not approved, shorten the link of the installation file, for
example, using the https://bit.ly site
In the description section, explain the problem. For your convenience, I will
leave a sample text for you :
Greetings to the esteemed Google Team
I am sending this request to fix the "Blocked by Pay Protect" error
****{Write your app info and your reasons}****
Fast, simple, free and lightweight, no annoying ads ,This app does not collect and store user data!
Also, no unnecessary cost is imposed on the user and is completely free , It
also certifies that this app does not harm user privacy and is not harmful to users
Thank you
If you did not receive the confirmation email, repeat the request again a few days later
If there were hardware changes, try to re-download or re-create jks file.
I also faced such problem, it occured after moving my SSD from one PC to another. This gave a hint that there were no need to send the app to Google for verification: an old apk file was installing with no warning. So I replaced an android.jks on my hard drive with the one from the cloud, created a signed apk and the problem has gone.
I kept getting this issue after installing my app on a real device for debug.
And the problem was that I had android:exported="true" attribute present on the main activity in manifest file. I removed it and Play Protect warning disappeared.
Update: The following method doesn't work anymore.
Not the solution, but you can use debug key for signing release builds to avoid blocking the installation from Google Play Protect. It looks like Play Protect doesn't warn for builds signed with automatically generated debug.keystore.
Note that your debug builds are not unsigned, they are just signed with a debug key.
Of course, you cannot use the build for production distribution (Google Play, Amazon, etc.), but it's still worth for pre-production internal testing which requires a high-frequency feedback loop.
You can add a task to build release with debug.keystore by adding the configuration in build.gradle, something like:
android {
buildTypes {
// add after the `release` definition
releaseDebugKey { initWith release }
}
signingConfigs {
// use debug.keystore for releaseDebugKey builds
releaseDebugKey { initWith debug }
}
}
then execute ./gradlew assembleReleaseDebugKey to build a release build with debug key.
This error usually happens if you try to install an app from .apk file. The first thing you can do is to disable Play Protect from the inside of Play Store app in your phone:
Open Google Play Store app --> Play Protect --> Click Settings Icon on the top --> Disable scanning apps for security
Note: It is recommended that you enable it back again after finishing installation for security purposes.
Now after this you should be able to install the app. If you still receive error saying something like Error, app was not installed when you click on the .apk file, it means you have installed version of that app already. Uninstall the app first then you can install the app from .apk file without problem.
I am new to Android development, I just created a free little app that I would like to publish on the Google Play Store. I already uploaded my app bundle to the developer console, but I lack the signing process. I think the missing step is, from the developers tutorial, this one:
$ keytool -export -rfc
-keystore your-upload-keystore.jks
-alias upload-alias
-file output_upload_certificate.pem
What should I replace "your-upload-keystore.jks", "upload-alias", and "output_upload_certificate.pem" with? Furthermore, I haven't an .pem certificate, I just have the two .der certificates: deployment and upload that Google sent me. Am I missing something? Any help would be appreciated. Thanks.
If you don't already have a Keystore, you should go in Android Studio and go in Build > Generate Signed Apk or Bundle and click on "Create new", Write a name an alias and everything that the Keystore needs.
IMPORTANT: Don't forget to save your alias name and password somewhere, because you'll need theese things next time you'll use the Keystore.
IMPORTANT2: Once you signed the App, do a backup of the keystore, it's very important and if you lose it, you will not be able to update your own app, because Google App Store will request the same Keystore that you used for the first upload of your App, so don't forget, do a multiple backup and remember the alias and password.
If you have already a Keystore you should just select the Keystore instead creating a new one and insert the Alias Key and the Password, that's all!
The tools you need is just right on your IDE.
There are many ways you can generate a signed apk or bundle. what i prefer is Studio one.
Here is how you can generate one.
Step one :
Step Two :
Step Three:
if you have your keystore generated already then you can select one by clicking on choose existing button and move ahead if you don't have this generated then you can just create a brand new by clicking on create new button.
if everything is right then you can see your app bundle generated in app/release
I've been trying to get the game services working properly for so long. My problem is that game service isn't working on the version downloaded from the play store, but on the version downloaded directly from android studio the game service works perfectly. Even though both versions use the same key and have the same SHA1 code (the release SHA1 code). I checked if the SHA1 from the play store version of my app matches with the game service's SHA1 by comparing the SHA1 codes from the android-release.apk and from https://console.developers.google.com/apis/credentials/oauthclient. I doubt that the problem lies in the code of my app, because it works perfectly in the version downloaded directly from android studio.
So my question is what I could have possibly done wrong here, and how to fix it.
Thank you for reading
First off, I want to thank everyone who took their time to post an answer. I don't think anyone could have guessed my stupid mistake because it only applies to libGDX users. The problem was that the target sdk in the gradle .build file of BaseGameUtils was not the same as the .build file of the android module. It's amazing how such a small mistake can cost your whole weekend!
I had the same problem:
You need to use this:
keytool -exportcert -keystore path-to-debug-or-production-keystore -list -v
example:
keytool -exportcert -keystore D:\Hristijan\Aplikacii\Keystore\blabla.jks -list -v
This is the PATH where you created the keystore while building the APK FILE.
The problem was that we were using the SHA1 key for debug in OAuth 2.0 client IDs, and as i understood SHA1 for debug and release is different.
So after you get the SHA1 for the release, you go to google cloud platform and in Credentials change your SHA1 for your app.
When using Google Play Services SDK, check and make sure that your device is also compatible and runs Android version 4.0 or higher and includes Google Play Store.
See this documentation for more information. And, this article wherein it discussed about matching Google Play Services to your Android OS version might also help