I am using the last version of the Android Studio, but when I try to send the app for PlayStore I can't because the SHA1 is different.
This is SHA1 from the certificate:
but the app build has this SHA1:
I find a problem in Android Studio with my KeyStore.
The Key store has a SHA1 but the app with this keystore has another.
Just try this:
$ keytool -list -v -keystore mycert.keystore
will show:
SHA1: 67:F0:AE:82:85:7C:BD:C8:A0:CE:45:FA:6B:A5:92:E5:4A:34:40:AD
but when you build in Android Studio a app with this keyStore you will receive that:
$keytool -list -printcert -jarfile app-release.apk
will show:
SHA1: 15:C3:B6:FB:B0:9B:21:DC:85:D6:04:FA:62:44:EA:F7:3D:85:FD:F8
you need to provide a keystore having that sha1 key while signing the apk like this
Sometimes other apps change your keystore number - e.g. Unity does that.
Its not illegal, its just Unity thinks your keystore belongs to itself and writes over the SHA1 number.
Solution: store your keystore safely in an email or something.
Related
I'm trying to set up "Login with Amazon" for a Fire TV app and I can't find the required MD5 signature I need to generate an API key.
Amazon requires both SHA-256 and MD5 signatures, but I can only find the SHA-256 and SHA-1 signatures.
I have extracted the CERT.RSA file from the APK package and ran this command:
keytool -printcert -file CERT.RSA
And I have ran this command on the keystore file:
keytool -list -v -alias <alias> -keystore <keystore.filename>
This is the result for both commands:
...
Certificate fingerprints:
SHA1: 26:C9:E6:7E:B5:28:F9:CC:C5:5D:9C:...
SHA256: 09:65:05:6C:38:03:94:E7:81:18:E7:36:6D:FE:41:DB:06:...
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
...
As you can see, no MD5 signature. I have tried running the signingReport using these instructions: How to get the SHA-1 fingerprint certificate in Android Studio for debug mode?
I do get an MD5 signature, but that is for the debug keystore only, as far as I can tell. And the SHA-256 signature from that report is different from the one from the keytool commands. I need the MD5 signature from the release keystore.
Can someone show me how to get the MD5 signature from a release keystore or from a CERT.RSA file?
thanks,
Dave
I should have posted the answer here instead of in comments.
I had to create a new Gradle config to add to the signingReport per these instructions Create New signingReport config
Then run the signingReport task using the 'release' build variant
Run signingReport task
If tasks doesn't show up, you can go to Settings --> Experimental and untick the box 'Do not build Gradle task list...'
I still have no idea why I can't get the MD5 signature by using keytool.
I have old Xamarin android project. I made small changes and changed target to android x. The customer sent me a keystore file with password and alias. Now I need to sign and publish the package in google play. But I am getting the error your fingerprint does not match:
-need "Sha1Need"
-current "Sha1Other"
I check my key file with command:
keytool -list -v -keystore "my.keystore" -alias key -storepass mypass -keypass mypass
I get result value "Sha1Need".
Than I checking my apk with command:
keytool -printcert -jarfile my.apk
I get value "Sha1Other". How is it possible? And how can I fix this?
I use this code in my .csprj file:
<AndroidSigningKeyStore>app.keystore</AndroidSigningKeyStore>
<AndroidSigningStorePass>mypass</AndroidSigningStorePass>
<AndroidSigningKeyAlias>alias</AndroidSigningKeyAlias>
<AndroidSigningKeyPass>mypass</AndroidSigningKeyPass>
--UPDATED--
This was a problem on the customer's side. He changed the password on the key several times, and one of the options worked.
I need to update my app on Play store, but I forgot that which Keystore I used to sign the APK. is there any way to identify this?
try to use one keystore and build apk and upload to playstore alpha/internal test if selected keystore is incorrect play store throw exception
To know the keystore you used for siging the APK, You need to identify SHA1 key of keystore. Unzip the APK and open "META-INF" folder in terminal. Run the following command: -
keytool -printcert -file CERT.RSA
This will print the SHA1 key. Just verify this key with your both keystores. To know the SHA1 of the keystore use following command in terminal: -
keytool -exportcert -alias aliname -keystore youkeystore.jks | openssl sha1 -binary | openssl base64
Just try with both one by one increasing version, Like first create sign APK with first one upload it on play store console if google throw exception then increase version code and try with second one and upload again on play store.
As if you are saying Keystore from you have then it will be match and your problem will be fixed.
I've an application built using Android Studio. Recently enhanced it using Ionic 3.0. When i'm trying to build with the same package name & certificate Google Play shows an error like SHA1 key differs.
The package name remains same.
Version info updated (6.0 as ionic, v5.0 already in google play prod)
ionic cordova build --release android
jarsigner -sigalg SHA1withRSA -digestalg SHA1 -keystore sample.jks sample-unsigned.apk storekey
zipalign.exe -v 4 sample-unsigned.apk prod.apk
Google Play upload failed
You uploaded an APK that is signed with a different certificate to your previous APKs. You must use the same certificate. Your existing APKs are signed with the certificate(s) with fingerprint(s):
[ SHA1: 18:3B:40:F3:05:E6:03:1E:CA:CC:69:BF:BA:58:8A:BC:D9:65:28:83 ] //Not sure from where its being referred.
and the certificate(s) used to sign the APK you uploaded have fingerprint(s):
[ SHA1: 71:16:65:C5:97:67:0D:4F:7A:D8:26:50:5A:C9:24:54:89:81:0E:BA ]
keytool -exportcert -keystore sample.jks -list -v prints the same key:
SHA1: 71:16:65:C5:97:67:0D:4F:7A:D8:26:50:5A:C9:24:54:89:81:0E:BA
Any idea what i'm missing? Your suggestions are much appreciated.Thanks.
It's exactly what the message says. You have signed with a different key. You can check this yourself.
Use unzip -p Name-of-apk.apk META-INF/CERT.RSA | keytool -printcert (from this SO answer) to print the details of your APK. Your previous APK is signed with one key, and your new APK is signed with another. I don't know how you signed your previous APK, only you know that.
(Mac)
I created a keystore with alias and password with the same name (projectOne) and when I try to get the SHA1 from that created keystore and put it on my created google console maps I have trouble getting the SHA1 out.
I type this in the terminal but it does not let me access the keystore.
keytool -list -v -keystore ~/.android/ projectOne.keystore -alias projectOne
It says this (roughly translated):
Invalid option/Unauthorized: projectOne.keystore
Now I use the SHA for debug:
keytool -list -v -keystore ~/.local/share/Xamarin/Mono\ for\ Android/debug.keystore -alias androiddebugkey -storepass android -keypass android
And this does not work when I try to "release" it. So I assume I have to get the SHA1 from my own created keystore but as I mentioned above. It says it is an invalid option/Unauthorized option.
Based from this documentation you need to first find the .keystore file that your .apk was signed with. The keystore used will depend on if your app's .apk package was created as a debug build, or if it was packaged with a different .keystore file.
For builds that you have signed with your projectOne.keystore file, you need to substitute your own values for the .keystore file, keystore password, and alias name from when you created the keystore file.
You can follow these tutorial and forum which suggested to verify that the alias or password you use is correct.