I build an app for android and I already export it to apk, can I change its version code if it's already exported? How can I do that?
I lost the backup code and I only have the update one and need to get back at first one, the only thing I can do is to increase version code from the apk backup and then my app will upgrade (while actually downgrade) automatically
You need to open apktool.yml
from there you can modify the version code
Yes, use [this link][1] it explains many things over there. I will copy paste it:
Tools:
apktool — tool for reverse engineering Android apk files. In this case we are using to extract files from apk and rebuild.
keytool — Java tool for creating keys/certs, that comes with the JDK.
jarsigner Java tool for signing JAR/APK files, that comes with the JDK.
zipalign — archive alignment tool, that comes with the Android SDK.
Instructions:
apktool d my_application.apk
Change versionCode in apktool.yml.
apktool b my_application
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application/dist/my_application.apk alias_name
jarsigner -verify -verbose -certs my_application/dist/my_application.apk
zipalign -v 4 my_application/dist/my_application.apk my_application/dist/my_application-aligned.apk
But to be honest, i still couldn't manage it, Google Play Store says "ERROR: MIN_SIG_SCHEME_FOR_TARGET_SDK_NOT_MET: Target SDK version 30 requires a minimum of signature scheme v2; the APK is not signed with this or a later signature scheme", so i don't guarrantee you that it will work but you can give it a try.
[1]: https://medium.com/#sandeepcirusanagunla/decompile-and-recompile-an-android-apk-using-apktool-3d84c2055a82
you can do the followings
decompile the apk
update the versioncode in manifest
again recompile the apk
you can use apktool
It's simple:
You need to,
Download the apk (Under release management on google play
console and go to Artifact Library)
Decompile the apk
Update the versioncode in manifest
Recompile the apk
Related
I've published a few apps but eventually will need to do updates, most of the time it's fine, but soon enough.. I get an error when updating my app saying the fingerprint certificate is wrong. Answers all point to the need to save and reuse the original keystore or you're SOL. Just a few things to explain:
I have no clue what a keystore is.
I have no clue how to save it when making an app.
I have no clue how to restore it in future versions of my app that have used an alternate keystore for some reason or other.
What I'm trying to figure out is, what's the best practice to ensure that whenever I'm messing with my app to future develop it, how do I prevent changing this damn keystore? Is it whenever I update cordova? Update a platform? etc.. I feel like my apps have a ticking time-bomb that eventually stops it from being able to update on the Play Store. I'm using Cordova btw.
Been doing some research for about a day and a half before asking, so any help is appreciated.
Here's what I've gathered...
STEP ONE - CREATE A .KEYSTORE FILE:
Navigate to C:\Program Files\Java\jre7\bin (usually this), open command window and type:
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
STEP TWO - CREATING AN UNSIGNED VERSION OF YOUR APP
Build an unsigned version of the app in a command window that's opened in your project folder:
cordova build android --release
STEP THREE - SIGN THE RELEASE WITH YOUR SAVED KEYSTORE
Running the first command below will show all entries in your keystore, look for Alias name’ in the output, then use that value in the second command. In CMD:
keytool -list -v -keystore /path/to/your.keystore
jarsigner -sigalg SHA1withRSA -digestalg SHA1 -keystore /path/to/your.keystore android-release-unsigned.apk alias_name
STEP FOUR - CHECKING YOUR WORK:
Let's make sure everything was updated correctly before adding your app, otherwise you may run into this mess all over again.
First, unzip the APK and extract the file /META-INF/ALIAS_NA.RSA (this file may also be CERT.RSA or other, but there should only be one .RSA file).
Then issue this command:
keytool -printcert -file ALIAS_NA.RSA
You will get certificate fingerprints like this:
MD5: B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB
SHA1: 16:59:E7:E3:0C:AA:7A:0D:F2:0D:05:20:12:A8:85:0B:32:C5:4F:68
Signature algorithm name: SHA1withRSA
Then use the keytool again to print out all the aliases of your signing keystore:
keytool -list -keystore my-signing-key.keystore
You will get a list of aliases and their certificate fingerprint:
android_key, Jan 23, 2010, PrivateKeyEntry,
Certificate fingerprint (MD5): B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB
We can now determine the apk has been signed with this keystore, and with the alias 'android_key'.
Keytool is part of Java, so make sure your PATH has Java installation dir in it.
Store this somewhere you'll remember and use information where you'll remember (or safely store this info somewhere, a tattoo comes to mind).
STEP FIVE - ZIPALIGN YOUR APP: Navigate to your Android SDK folder and search for zipalign, use the most recent one. Then:
zipalign -f -v 4 "path/to/unsigned-apk" "path/you/want/signed/apk"
A lot of this info was found from all over stackoverflow, then compiled here for myself and others to reference in the future.
I'm trying to deploy an android apk created by Cordova but I'm wrong. Here is my process :
1)Build the release apk : cordova build android --release
2)Generate a keystore : keytool -genkey -v -keystore my-release-key.keystore -alias com.MyCompany.AppsName -keyalg RSA -keysize 2048 -validity 10000
I create password named MyPass, and write all information in the form (name, country,...)
3)Signed the Apps : jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore android-release-unsigned.apk com.MyCompany.AppsName
4)Checked for signing : jarsigner -verify -verbose -certs android-release-unsigned.apk
I get this output :
"jar verified.
Warning:
This jar contains entries whose certificate chain is not validated.
This jar contains signatures that does not include a timestamp. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2043-12-07) or after any future revocation date."
5)Zip the Apk : "c:\pathtosdk\zipalign.exe" -v 4 android-release-unsigned.apk com.MyCompany.AppsName.apk
6)And then i copy the Apk on a android device.
But when I try to install the Apps, the device ask me to allow unknown sources... like it's not signed.
Is anyone who know where i'm wrong ?
Thanks in advance
Your apk is probably signed and perfectly fine. the reason it asks to allow unknown sources because by default it does not allows to install .apk files from other sources than google play store. Security issues
https://support.google.com/nexus/answer/2812853?hl=en
That's the message you will receive if your not downloading the app from the play store which is true for you case. That doesn't have anything to do with the app being signed.
Try to install a derived a apk. First release your app in Alpha Release of play store. Then download the derived apk from alpha release. I think that will help.
So i'm about to publish my apps new version to android store, there was an old version of it in play store but i make a completely different project from it so i didn't use the folders which contains the project on itself.
Because of that my private key is not in my new version right now. When i looked the documentation of ionic it says that :
Now, we need to sign the unsigned APK and run an alignment utility on
it to optimize it and prepare it for the app store. If you already
have a signing key, skip these steps and use that one instead.
Actually "If you already have a signing key, skip these steps and use that one instead." part is not clear enough for me.
I have the .keystore file from old version but I'm little bit lost right now.
What does this "skip those steps and use that one instead" means? What am I supposed to do right now?
Where should I place that .keystore file?
Am I done after placing the .keystore file or should I do something
else?
What is that code($ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore HelloWorld-release-unsigned.apk alias_name) for? Should I use it?
What is that alias_name part?
Should I do something else?
I would appreciate a help, I'm totally lost right now
The procedure is the same as when you first time published app (build the release app file - signing the APK file - optimize the APK). This time you do not have to create keystore file because you already have one. You'll reuse the same keystore for the entire life of the app, so you need to keep it for as long as you plan to support the app.
1.) If you already have keystore file you do not have to do new one.
2.) Put android-release-unsigned.apk and keystore in same folder. First rename android-release-unsigned.apk to example MyApp.apk
3.) You need to sign your app with that file.
4.) Yes, you should. In step 2 after you put MyApp.apk and MyApp.keystore in same folder.
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore MyApp.keystore MyApp.apk MyApp
5.) This is the name of your application.
6.) And then just optimize the app. $ zipalign -v 4 MyApp.apk MyAppNew.apk
I'am trying to build the final release version of my app that using phonegap 3.0 and a few plugins. I have followed this answer on SO to link my keystore file to the app however I am not sure this is working.
Everything runs locally when I use phonegap run android.
Into myapp/platforms/android I have placed ant.properties
key.store=/Users/XXXXX/Desktop/keystore/my-release-key.keystore
key.alias=FishAppKey //I wasn't sure as it is suggested this can be whatever.
When I build my app instead of placing the .apk files into platforms/android/bin they are put into platforms/android/ant-build?
When I move into platforms/android and run ant release I get Build failed ...tools/ant/build.xml:698:null returned 1
Really I am trying to figure out how to go from phonegap run android to a apk file I can upload to google play.
As answer to your comment, you use jarsigner and pass the full path to your keystore in the -keystore argument. So let's say your keystore is on the desktop and named yourkeystore.keystore,
On Windows you would :
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore %userprofile%\Desktop\yourkeystore.keystore yourappname-release-unsigned.apk youraliasforthekeystore
On linux (and probably OSX also):
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore $HOME/Desktop/yourkeystore.keystore yourappname-release-unsigned.apk youraliasforthekeystore
And of course you can replace yourappname-release-unsigned.apk with the full path of your apk in case it's not in the current directory.
I decompiled an APK using APKTool 2.0 Beta 9 and then rebuilt all without doing changes to the sources.
Then I rebuilt the APK using this command:
java -jar apktool.jar build myfolder myapk.apk
But I cannot install the generated APK file on my phone. It tells me:
Application not installed.
Am I missing something ?
I even didn't change the code.
Your new recompiled apk is not signed and according to the rules, you cannot install unsigned apk.
One good thing which I like is that you can self sign the apk file.
You will have to use "Keytool" for generating your own certificate.
Here is the command :
keytool –genkey –v -keystore [nameofkeystore] –alias [your_keyalias] –keyalg RSA –keysize 2048 –validity [numberofdays]
This will ask you few things, just fill it appropriately.
Once the certificate is generated, use "jarsigner" for signing your apk.
jarsigner –verbose –sigalg MD5withRSA –digestalg SHA1 –keystore [name of your keystore] [your .apk file] [your keyalias]
Now try installing your new apk file and everything should work fine.
EDIT - I am using keytool and jarsigner commands directly as I have set their paths in PATH variable. In your case, you will have to traverse to "bin" folder of the jdk directory.
/bin/
You need to resign the regenerated APK file using jarsigner:
$ jarsigner -verbose -keystore my-release-key.keystore HelloWorld.apk alias_name