I made research on the topic, but couldn't find a solution:
I created a signed apk from an eclipse project, and i also have the eclipse key store.
But i couldn"t find out how to import this key store at signing in Android Studio.
These are the following things i already tried:
-adding the key store path as it was created originally by eclipse in Android Studio
-adding the path in Android Studio after adding the .jks extension to the original file
In both cases the error is:
Execution failed for task ':application:packageRelease'.
Failed to read key from keystore
So what is the correct way of adding an eclipse keystore to Android Studio?
Any suggestions appreciated, because i have no idea what goes wrong.
I believe this message means that your key alias does not exist. In Android Studio, you can use Build > Generate Signed APK..., enter your key store password, and then browse for a list of key alias in the keystore.
I had the same problem and was really frustrated with it. I have solved it and can help you with it.
1) Ensure that your key is uncorrupted and untampered. This is the reason behind most of the problems.
2) Select the path of the key in "Generate Signed APK" dialog box. This path can be anything, it doesn't actually matter.
3) Now just put your keystore password. This needs to be correct, otherwise you will get messages like "Keystore is corrupted", but it isn't.
4) After entering the password, select the Key Alias. If you enter wrong password, this field will be blank.
5) Put the Key Password same as Keystore password. This worked perfectly for me.
Hope it helps all of you. Thanks.
This is specified in your Gradle build file, copy the keystore file into your Android Studio project structure, I chose to create a new directory under app called keystores: /app/keystores/release.keystore
signingConfigs {
debug {
storeFile file('keystores/debug.keystore')
}
release {
storeFile file('keystores/release.keystore')
keyAlias ...
storePassword ...
keyPassword ...
}
}
buildTypes {
debug {
signingConfig signingConfigs.debug
debuggable true
}
release {
signingConfig signingConfigs.release
debuggable false
}
}
Related
My app was previously built while in the expo managed workflow. I did this using expo ba. Because android apps require that you release your app before you can add in-app-purchases, I uploaded this apk and released a beta using it.
I needed to switch to the bare workflow in order to implement in-app-purchases. Now, when trying to create a build to release the actual app, I am following the React Native instructions but must create another upload key in order to create a build(which is an aab this time).
On the play console it states
Upload key: The key you use to sign your first release. Sign every
subsequent release with the same key to verify it’s from you. Keep
your upload key safe. If it’s ever lost or compromised, contact
developer support to replace it.
I'm pretty sure this is a problem because I used whatever expo was giving me to sign the original apk.
I also cannot delete my original app and create a new app with the same bundle name because once an app is released it cannot be deleted.
To get the previously used keystore file run
expo fetch:android:keystore
Which will display something like
Keystore credentials
Keystore password: MYAPP_UPLOAD_STORE_PASSWORD
Key alias: MYAPP_UPLOAD_KEY_ALIAS
Key password: MYAPP_UPLOAD_KEY_PASSWORD
Path to Keystore: /Path/To/my_upload_store_file.jks
Edit the file android/app/build.gradle to include the information above
...
android {
...
defaultConfig { ... }
signingConfigs {
release {
//if (project.hasProperty('MYAPP_UPLOAD_STORE_FILE')) {
storeFile file("MYAPP_UPLOAD_STORE_FILE")
storePassword "MYAPP_UPLOAD_STORE_PASSWORD"
keyAlias "MYAPP_UPLOAD_KEY_ALIAS"
keyPassword "MYAPP_UPLOAD_KEY_PASSWORD"
//}
}
}
buildTypes {
release {
...
signingConfig signingConfigs.release
}
}
}
...
Place my_upload_store_file.jks inside android/app
Edit the file ~/.gradle/gradle.properties or android/gradle.properties, and add the following
MYAPP_UPLOAD_STORE_FILE="my_upload_store_file.jks"
MYAPP_UPLOAD_KEY_ALIAS="MYAPP_UPLOAD_KEY_ALIAS"
MYAPP_UPLOAD_STORE_PASSWORD="MYAPP_UPLOAD_STORE_PASSWORD"
MYAPP_UPLOAD_KEY_PASSWORD="MYAPP_UPLOAD_KEY_PASSWORD"
Run the following in a terminal from the directory android
./gradlew bundleRelease
This will produce a file called app-release.aab inside the directory android/app/build/outputs/bundle/release/.
Upload this file to the Google Playstore console
This question already has answers here:
Your Android App Bundle is signed with the wrong key. Ensure that your app bundle is signed with the correct signing key and try again
(27 answers)
Closed 1 year ago.
I've just now started using app bundles. I've set the two certificates in the App signing section of the dashboard (signing certificate and upload certificate).
I've built an app bundle and signed it with the upload certificate, but when I upload the bundle under Android Instant Apps (which is in fact the reason I switched to app bundles) it says that:
Your Android App Bundle is signed with the wrong key. Ensure that your app bundle is signed with the correct signing key and try again: xx:xx:xx:xx.....
I've manually checked the SHA-1 of the upload keystore (using keytool in the terminal) and it matches the xx:xx:xx.... it says in the error message.
What am I doing wrong? The app bundle IS signed with the required upload certificate, but google play doesn't seem to like it.
Ideas?
The solution was a very basic one. I had to clean my project and then rebuild it.
Android Studio was signing my app bundle with the old certificate i was using.
What I did previously is go to Build -> Generate Signed Bundle / APK and i changed the jks file in the file selector to the new upload jks. It seems Android Studio caches the old certificate path and uses it even though I've selected a new one. Might be a bug in AS.
So yeah ... now if I clean the project every time i change the jks file it works, the apk or app bundle gets signed with the proper certificate...
I see there are an answer but in my case I forgot to remove
debuggable = true
from app build.gradle
I tried using the multiple answers here & in this question, but somehow I was getting this error because I had some issues with my android/app/build.gradle and android/gradle.properties files.
Two things you should check (in addition to the other solutions here) are:
In android/gradle.properties and android/app/build.gradle, make sure your keystore variables match exactly.
In android/gradle.properties, you probably have something like this:
MYAPP_RELEASE_STORE_FILE=<>
MYAPP_RELEASE_KEY_ALIAS=<>
MYAPP_RELEASE_STORE_PASSWORD=<>
MYAPP_RELEASE_KEY_PASSWORD=<>
Make sure these variable names exactly match those in android/app/build.gradle:
android {
...
signingConfigs {
release {
if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
storeFile file(MYAPP_RELEASE_STORE_FILE)
storePassword MYAPP_RELEASE_STORE_PASSWORD
keyAlias MYAPP_RELEASE_KEY_ALIAS
keyPassword MYAPP_RELEASE_KEY_PASSWORD
}
}
}
}
In android/app/build.gradle, make sure you set signingConfig to signingConfigs.release in your release buildTypes:
android {
...
buildTypes {
debug ...
release {
signingConfig signingConfigs.release
}
}
}
Note: If you're doing react-native development and found yourself here, make sure you follow all steps on "Publishing to Google Play Store". I thought I could skip a few steps without causing problems, and that led to hours of debugging
In my case the issue was Android App bundle, I had forgotten to increment the versionCode for the project and it was not showing that error on the console. Instead, it was showing the error related to certificate SHA.
After a little bit of searching, I found that I accidentally had testCoverageEnabled true in my release build type.
release {
testCoverageEnabled true
...
}
This will make the APK / App Bundle debuggable, and Google Play Console will consider it's not signed. Removing this resolved the issue.
App bundles are just signed using the same format as jarsigner. So you can check the cert hash of your app bundle signature yourself. For example, on linux:
zipinfo -1 ${APK?} \
| grep -E "META-INF/.*(RSA|DSA|EC)$" \
| xargs -I{} unzip -p ${APK?} {} \
| keytool -printcert
If the output from this shows a signature that does match the correct signing key, then there is a bug in Play store, and you should escalate to Play Console support. This is available on the help menu on the Play Console.
On the other hand, if the certificate doesn't match, then even though you think you are signing with the right keystore/key you are doing something wrong, and the app bundle is not signed with the correct upload certificate.
I faced this error because :-
I created a new key for testing and then generate a app bundles/apk
That apk/app bundle had some error so after resolving that error again I created a new key and made a brand new app bundles/apk in which this error occur
so if you did something like this then try to provide a path of first key made with project ,in key store path with same Password and same key alias
This will work because we can only have a one key for a project which is the first key generated. and every time when you want to make a apk/app bundles of your app for publishing/updating purpose you have to provide a same key and password therefor it is highly recommended to store key on safe place
Note:- in some cases(if you already have multiple failed tries) you may face something like "you already have one with same version" error on play store console in that case, in build.gradle file just increment versionCode and versionName no by one and regenerate apk/app bundles
In my case, I upload the wrong application with the same name. Just make sure you upload the same applicationId than previous one.
For me, what went wrong was that, in my google play console, I had already opted in to play app signing, so when I first uploaded the aab, google registered and signed my app for subsequent releases. This means if i upload another aab, the signed certificate will be different from the one google signed.
I needed to delete this so I upload another aab. In other to do this, I had to click on my profile and select manage developer accounts. I saw the drafts of my aab google has signed, I deleted this so that I can generate and reupload another one.
When I deleted it, I then generated another aab from my android studio and uploaded it again to my google play console. This time, it did not give me the warning for wrong signing key
I have the same problem with Android Google Maps not working outside my computer, and in the solution, it looks like making sure everyone in my team have the same .keystore file will solve the problem. However, .keystore file is hidden, I guess it's also encrypted in some way that you can't just view it using cat command.
I am working with my teammates on a android project and I'm in charge of the map part, but no one else can see the map even if we have the exactly same codes(shared using git).
So could anyone please tell me how to copy the file to others (and is it safe to do so)?
Or is there any other ways to do this?
I use a mac, the I have teammates using windows and mac.
Option a)
You can make everyone on your team use the same signing key for debug builds.
I like this solution because when testing you can easily update already installed apps from your colleagues (because the signatures match).
1. Make a prepro keystore
Copy one of your debug keystores in your project root directory. Debug keystore is typically located in ~/.android/debug.keystore. Let's name the copy prepro.keystore.
2. Make a prepro signing config
In your app module build.gradle create a new signing config that's using the keystore from step 1.
android {
signingConfigs {
prepro {
storeFile rootProject.file("prepro.keystore")
storePassword "android"
keyAlias "androiddebugkey"
keyPassword "android"
}
}
}
Note the passwords and key alias for all debug keystores.
3. Use the prepro signing config
Make all your debug builds use this new signing config.
android {
buildTypes {
debug {
signingConfig signingConfigs.prepro
}
}
}
Notes
You can name your new signing config anything except debug and release.
is it safe to do so
Putting a key in Git is OK as long as it's a key intended for development.
Option b)
Add your colleagues' debug key signatures to the project Google console. Then apps built by them will be able to use Google APIs such as Maps.
More info here: https://developers.google.com/maps/documentation/android-api/signup#getting-the-certificate-information-yourself
I guess it's also encrypted in some way that you can't just view it using cat command.
Correct, see the link above.
I want to get the wechat login data.
Due to the problems of Application Signature, I had once failed.
Please tell me how to put a value on what 'Application Signature'.
Thanks.
Check out this example code I found on github.
For the signature, use the MD5 hash of the key used to sign your
published APK. The easiest way to do this is to setup a signature to
always use for your debug/release builds. If you have a java keystore
holding a signing key within your project, you can add the following
to your app gradle file to sign your debug release with a constant
signature:
android {
...
// Keystore located in root project folder. Google can show many examples on how to generate keystores with signatures
signingConfigs {
debug {
storeFile file('keystore.jks')
storePassword 'password'
keyAlias 'weChatDebug'
keyPassword 'password'
}
}
... }
An easier way would be to:
download this app by following this link.
Install the app you want to generate the signature of (the app has to be signed)
Open the app you downloaded in step 1, fill in the name of the package of the app you installed in step 2 and click the button
A signature will be generated for you
You have to put MD5 of your keystore. Keystore will be the one with whom you are signing your APK.
As I was going through some posts on the Internet learning more about signing your Android app, I got post like how to sign the app, and something about what if you have lost your keystore file or password.
The question I am here to ask is that, I have never created a keystore, or its alias, or its password, so how on this earth can I forget it?
I know that for Android we use the password android, so, if the password is by default android how can one forget it? (I'm sure there must be some other way to create new keystores).
Finally, if android is the default password, what is the default alias?
Signing in Debug Mode
The Android build tools provide a debug signing mode that makes it easier for you to develop and debug your application, while still meeting the Android system requirement for signing your APK. When using debug mode to build your app, the SDK tools invoke Keytool to automatically create a debug keystore and key. This debug key is then used to automatically sign the APK, so you do not need to sign the package with your own key.
The SDK tools create the debug keystore/key with predetermined names/passwords:
Keystore name: "debug.keystore"
Keystore password: "android"
Key alias: "androiddebugkey"
Key password: "android"
CN: "CN=Android Debug,O=Android,C=US"
If necessary, you can change the location/name of the debug keystore/key or supply a custom debug keystore/key to use. However, any custom debug keystore/key must use the same keystore/key names and passwords as the default debug key (as described above). (To do so in Eclipse/ADT, go to Windows > Preferences > Android > Build.)
Caution: You cannot release your application to the public when signed with the debug certificate.
Source: Developer.Android
if you want to configure them in gradle it should look like
signingConfigs {
debug {
storeFile file('PATH_TO_HOME/.android/debug.keystore')
storePassword 'android'
keyAlias 'AndroidDebugKey'
keyPassword 'android'
}
...
}
Keystore name: "debug.keystore"
Keystore password: "android"
Key alias: "androiddebugkey"
Key password: "android"
I use this information and successfully generate Signed APK.
when we run application in eclipse apk generate is sign by default Keystore which is provided by android .
But if you want to upload your application on play store you need to create your own keystore. Eclipse already provides GUI interface to create new keystore. And you also can create keystore through command line.
default alias is
androiddebugkey
Better than all options, you can set your signingConfig to be equals your debug.signingConfig.
To do that you just need to do the following:
android {
...
buildTypes {
...
wantedBuildType {
signingConfig debug.signingConfig
}
}
}
With that you will not need to know where the debug.keystore is, the app will work for all team, even if someone use a different environment.
All these answers and there is STILL just one missing. When you create your auth credential in the Google API section of the dev console, make sure (especially if it is your first one) that you have clicked on the 'consent screen' option. If you don't have the 'title' and any other required field filled out the call will fail with this option.