I am creating an in-app purchase app. I have uploaded apk file once while creating the application in Google Play developer console. But now when I am trying to upload another version of apk file it is showing error of different SHA-1 keys. I have changed the version code and package name is also same. I referred questions here and I got to know that apk should be signed with same certificate.
But my problem is when I export the project from Eclipse to generate signed apk it is not allowing to use existing keystore; moreover when I select existing keystore the dropdown list of alias are empty. So each time I have to create new keystore. Also it is showing "Invalid keystore format" on selecting exiting keystore. Please provide me with some solution to how can I generate an APK with same SHA-1 key.
Is this apk file generated from another computer than the first?
Make sure to have the same .keyStore file on your different PC.
Related
For a couple of days, I've been trying to upload the aab of an existing app. We have never tried aab before, so this was a fresh attempt. I encountered an error saying "Your android app bundle is signed with the wrong key", which indicated a mismatch of SHA1. So I cleaned the project, rebuilt, invalidated cache (because why not) and tried again - the error persisted. Although, uploading regular APKs work fine with this keystore.
Out of curiosity, I tried building the signed aab with another keystore in our project directory (one that no one used) and to my surprise, this newly signed aab was accepted. This seemed impossible, and I found the SHA1 of "App signing certificate" belongs to one keystore, while the "Upload certificate" belongs to another keystore.
I don't understand how is this possible. We have multiple people access the dev console. Even if it's a human error, how was the upload certificate from the wrong keystore accepted? How can I have this fixed so that I can upload the aab with the actual keystore?
When you (or someone in your team) enrolled your app in App Signing by Play, you must have created this second keystore to create the upload key and uploaded the certificate to Google Play (by simply following the given instructions).
The upload key is the one that should be used to sign the future APKs and App Bundles.
The reason that your APKs can still be uploaded with your original app signing key even after creating this upload key is that Play wanted to allow for this transition time where you're just testing the App Bundle in some testing track but don't want your current APK release process be affected in the meantime, so they'll still accept the APKs to be uploaded with the app signing key.
Ideally, you should now put the keystore containing your app signing key in a safe location with restricted ACLs (since having it compromised can have devastating consequences, i.e. have to migrate all your users to a new app) and only use the keystore containing your upload key (which, if compromised, can be reset).
For some explanation about upload keys and app signing keys, I recommend reading the documentation here:
https://support.google.com/googleplay/android-developer/answer/7384423?hl=en-US
I have an app already uploaded and published on play store. Now I want to update it. It was signed using google-play signing, I do have keystore and cert
but when I try to make a signed apk from android studio it gives me this error :
Trusted certificate entries are not password-protected
I also tried to make apk using jarsigner but still on luck.
I downloaded certificate then added certificate in jks but still there is error.
Certificate chain not found for: mykey. mykey must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
mykey is valid key I can see it in keystore List
Well, the Keystore is not the certificate that Google gives you once you upload the app on the Google App store, the Keystore is the one that Android Studio gives you once you sign the app, it requires an Alias and a Password too to be more precise, however, try to find the Keystore because you can't update your own app without the SAME Keystore you used for the first upload, good luck and keep coding, let me know if you need more support or if you still have some doubt, have a good day!
We recently had a developer leave us and now I am in charge of uploading any updates to Google play. We opted in to App Signing so i was able to download the cert. I am not sure I did what was correct. I double clicked the .der file which installed the key into my Key manager on mac. Then i imported that key into the generated keystore for the apk using Keytool. I am able to choose it when I build the APK but then get an error saying
Cause: trusted certificate entries are not password-protected
Any help? Thanks!
The certificate cannot be used to sign the APK, it doesn't contain the private key. You should find the keystore that contains the upload key, identify the alias of that key and use that to sign.
If you don't have the keystore anymore, you can generate a new private key and contact Google support to reset it: https://support.google.com/googleplay/android-developer/answer/7384423?hl=en.
I have the app ready so trying to sign it. I read the dev docs. Am using eclipse and adt so started using export. Am able to export a sample app. While exporting they says to have the key. I have created a new file and proceeded and finally I got the output apk. Once whn I opened the key file, I cant read anything. So I am confused.. Will it be readable?? or like the same? Please tell me about the certificate they are mentioning on signing the app, is this same as the one, the file I have created?? Thanks in advance..
Once whn I opened the key file, I cant read anything. So I am confused.. Will it be readable??
Your keystore file (e.g. mykeystore.keystore) should not be readable in a text editor or other such program.
Please tell me about the certificate they are mentioning on signing the app, is this same as the one, the file I have created??
Once you have finished signing your APK using your keystore (see Signing your Application), the APK will contain a META-INF directory that contains a CERT.RSA file, which is the application's certificate. You don't need to worry about this file at all, and it is automatically generated by keytool when you sign your APK.
Your private key (see Obtain a Private Key) is also referred to as your signing certificate, and is what is stored in the keystore. This is the key that you use to sign your application. After you have generated this key using keytool, you shouldn't need to worry about it anymore.
I have uploaded on apk file on the google play account,
apk i have created from eclipse by right click on the project and export and put following details in it
password,alias and developer units only.
and i have uploaded successfully on google play account.
But now problem is i have deleted this apk from local and also i am unable to uplaod any other apk if try to update 2nd apk with version code = 2 and version name = 1.0 then also it is giving me error that
The apk must be signed with the same certificates as the previous version.
So please help me to solve this issue now what can i do to upload a new updated apk in this application.
You are not using the same keystore file to sign your apks.
the .apk must be signed with the same private key. If the package name and signing certificate do not match those of the existing version, Market will consider it a new application and will not offer it to users as an update.
Taken from here,
The apk must be signed with the same certificates as the previous version
The only way is to sign your update package apk with the same key which you have used for the previous version. No other go. Google is strict about it.
For the same application you are updating it's version. Then there is
no need of having previous apk file but there should be same keystore
which you have used to sign the first apk file which is on google
play. Also follow the same steps which you have done for first apk
file.
In case you don't have same keystore then :( you simply cannot update the same application as of now.