I updated Android Studio yesterday and today I wasn't able to update my app on Google Play Store. When I upload the APK file, Google tells me that the app is signed with a different key but I used the same keystore as always, how can I fix this? How can I check which keys are stored in my keystore and how to choose which one to use?
I saw other similar questions but it was not enough detailed.
Thanks in advance.
If you have access to the APK that is currently online, you can check the signed certificate hashes.
Firstly get the hashes of your APK that is online:
keytool -list -printcert -jarfile online.apk
Then check the hash of your newer APK:
keytool -list -printcert -jarfile new.apk
You can compare for example, the SHA1 hash:
SHA1: 00:...*snip*...:FF
If they don't match then you know that the keystore you are using is not correct.
In Android Studio when you Generate Signed APK, and select the correct key store. Once you enter the correct keystore password, you will be able to select stored keys in Key alias part. Click on ... and in new dialog (Choose Key) you will see all your stored keys under Use an existing key dropdown
Related
I'm making an Android app using Expo. I download the upload certificate from Google Play Console. It's a .der file. I run:
keytool -importcert -file certificate.der -alias someAlias -keystore some.keystore
This creates a .keystore file of type .jks with 3 certificate fingerprints. The one which Google Play Console looks at during upload is the SHA1 fingerprint, which has 19 pairs of values such as 01:02:A1...
Using either expo build:android -t apk -c or expo build:android -t app-bundle -c to reset my keys and build an .apk or .aap, respectively, upon uploading to the Google Play Console, I receive an error that I haven't used the right key.
I get these errors:
.Apk error: You uploaded an APK that is not signed with the upload certificate. You must use the same certificate. The upload certificate has fingerprint: SHA1: 01:02:A1... - The fingerprint of my newly created .keystore according to keytool -list -v -keystore some.keystore; the error goes on to say - and the certificate used to sign the APK you uploaded has fingerprint:
SHA1: 98:97:96:... - an entirely different fingerprint.
.Aap error: Your Android App Bundle is signed with the wrong key. Ensure that your App Bundle is signed with the correct signing key and try again: SHA1: 55:66:77... - another completely different value.
I used the upload .der for the .apk version app build and the app signing .der for the .aap version app build, and both times the Google Play Console read a different value for the SHA1 fingerprint than the value which Keytool read for the same .keystore.
Switching keys, nor re-downloading, nor rebuilding had any affect, and keytool -list
always claim that the .keystore fingerprints match what the Google Play Console is asking for.
Is there something simple I'm missing? Any help appreciated.
I've answered a similar question in detail in How to use upload certificate to release an app update? but in short, you cannot use a certificate to sign an APK or App Bundle: the certificate only contains the public key while you need the private key to sign an APK or App Bundle.
Google does not have the private key so you can't download it from the Play Console. You need to use the same keystore that you used to sign your first APK you uploaded to the console, you cannot create a new one.
If you've lost that keystore, you need to contact the Play developer support and let them know, they'll give you instructions on how to reset it.
I just updated my android studio to 4.0, I didn't store the passwords anywhere., Its just the same .jks key am using to sign the apk, and Now I am not able to generate signed apk. 1 week before I generated the app using the same key, and it worked. Now not., I tried searching in logs. no use,. I tried searching in taskHistory and executionHistory.
Another problem is If I click generate signed apk, nothing is happening now. But I am able to create new keystore and generate the apk.
I just found my keystore password. by typing this command.
keytool -list -v -keystore "C:\Users\User1\Desktop\try\keystoreone.jks"
It asked for keystore password, and I tried one by one, and my usual password worked, the keystore file opened to reveal the details. But how do I find the key alias password?
If youre enrolled in App Signing by Google Play then you can just contact support and send them a new pepk or pem otherwise you will have to create a new app.
I lost my keystore (.jks) file, and I was lucky - I used App signing before.
Therefore, Google was able to help me and reset my key.
But what is the next step with the SHA1 google gave me by mail?
They gave me the instruction for generating an upload_certificate.pem file that I sent them by mail.
And then, Google's answer was:
Good news - I was able to register your new upload key, you would need to update your app to use the new upload key certificate:
SHA1:....
Now I try to upload the APK with the jks file I used to generate the PEM file, also with a newly created jks file. in Google play console I get:
Your Android App Bundle is signed with the wrong key. Ensure that your app bundle is signed with the correct signing key and try again
What is the next step?
Presumably you created a new upload key following the instructions under "Create an upload key". These are roughly:
generate an upload key and store it safely. This gives you a key with alias something like "upload" in a keystore called something like "upload-keystore.jks"
export your certificate in PEM format using a command like $ keytool -export -rfc -keystore upload-keystore.jks -alias upload -file upload_certificate.pem
If this is what you did, then you need to sign your app with the keystore you created in step 1 "upload-keystore.jks" using alias "upload"
The SHA1 they sent you is just a way of confirming you used the right keystore. If you are still using the keystore for the PEM you sent them, then if you print out the certificate keystore from your APK it should match that SHA1.
You can print the SHA1 of the certificate from your signed APK with the command
keytool -list -printcert -jarfile app.apk
This will tell you the SHA1 of the certificate (key/keystore) you have used to sign it.
After I tried everything that came in mind, including "Invalidate cache and restart" in Android studio, the solution that worked was Build->clean.
Thanks to Dave Hubbard's answer
I have done an Android app which takes the data from a server database.
If I install it from an USB installation or installing an unsigned apk everything works properly but, if I install it from a signed apk (or downloading it from PlayStore) the maps activity does not work.
Once I have installed it, my app does a request to an API in order to take the data in its database an fill the app's db so I can show the data from the app db.
I know it is getting the data since I can see everything allright but maps Activity, which looks like following:
USB/Unsigned apk:
Signed apk:
Does anyone know if there is any diferent between these two apks that may be causing this unexpected behavior?
Thanks in advance
You need to create a Release key with your keystore file and password for Signed Apk
Then u have to add the key in developer console
Step 1
in command prompt:
keytool -list -v -keystore /home/rafsan/Desktop/Android/Projects/TestApp/keystore.jks -alias test -storepass password -keypass password
where
/home/rafsan/Desktop/Android/Projects/TestApp/keystore.jks is the path where your keystore file for the signed apk is present
test is the key alias name used while genrating the signed key store
and password is the password used while signing the apk
Step 2
Go to Developer console
and add the release key with package
A3:33:EA:3D:5E:....................85;com.example.package_name
Do you generate release certificate ? Check here.I think this solve your problem.
You have created a Maps API key with your debug certificate but not with your release one.
Follow the steps here and get a new key
https://developers.google.com/maps/documentation/android-api/
I am using Google Maps V1 API key. If i Itaking the apk from bin folder, the Google Maps will shown in application. But if I export the project and deploy the exorted apk the google maps do not show in the application. If anybody knows the reason, kindly share your thoughts. Thank you.
When you develop and run an application locally, you are actually signing it with a debug key.
When you export, you are signing it with a different, production key.
Google Maps requires your api key to match the key you sign your app with. So you will need 2 different api keys depending on whether your apk was made via debug key (copying it from "bin") or production (exporting).
What's happening to you is when you export your app, the key is not matching what Google Maps API thinks it should be, so it's not working.
Read more about signing apps here.
Please follow these steps to get Release SHA1
Find your .jks path which is used while creating signed apk.
Ex: /Users/dharm/Documents/Android/test.jks
Copy your jks file name and put in the end of line number 3
Ex: test.jks
Open your terminal and enter this command keytool -list -v -keystore "keystorepath" -alias "keyalias"
Ex: keytool -list -v -keystore /Users/dharm/Documents/Android/test.jks -alias test
When you will press enter it will ask for Enter keystore password. So please enter your key store password.
If you do all the steps successfully then you will get entire information of this certificate(key store).
Ex:
MD5: D2:52:A1:7C:14:9F:D5:DD:64:35:E2:3F:74:CA:C5:E7
SHA1: D3:32:AA:09:81:71:50:D2:47:20:43:B2:13:A2:D5:55:4B:A7:DC:3C
SHA256:
27:8A:84:C5:C3:CE:98:47:A7:73:E2:87:91:5E:5A:A2:F4:B8:D4:D4:0E
Now you can put this SHA1 key on google console( SHA-1 certificate fingerprint).
Hope it will help you.
For Video Kindly have a look on it
https://www.youtube.com/watch?v=g75cZXjmuj8&feature=youtu.be
I put the key directly in the manifest and began to work.