When i try to uploading new update of my app, gives me this error "The apk must be signed with the same certificates as the previous version".
Procedure:
I use export wizard from eclipse, than load old cert file from my folder, i enter password correctly (i test it to enter incorrect, and cant go further) so i know for shure that is correct, and for alias the correct pass to, and save the apk. When i try to upload gives me the error. The package is the same, and oll the stuff.
Can anyone tell me where is the problem ?
Most definitely your certificates are different, you may check using the following commands:
unzip -d tmp filename.apk META-INF/CERT.RSA
keytool -printcert -v -file tmp/META-INF/CERT.RSA
where filename.apk is you apk for current and/or previous version.
One of three things could cause this problem:
Using a different private key cert (sounds like you don't think this is your problem)
Not increasing the versionCode and versionName in android manifest
Using a different package name
Hopefully it's not that you lost the cert! Good luck! Someone mentioned that it is possible to sign an old version of your app with multiple certs, and then continue to use the one you still have like this
Related
I need to locate the release signing key for an android app from 4+ years ago. I have the codebase, and the MBP it was last worked on, but the person who worked on it was very disorganized.
I have multiple directories called /proj, /proj2, /desktop_proj, /old/proj...each has 2-3 apks in it. Source control is a similar mess.
I don't know what IDE they used to work on this project. I have IntelliJ, Eclipse, and Android Studio on this old machine. I can search all of them but I don't know where to look.
I did a find and none of the keystores (.jks or .keystore) really match up.
Basically, I was thinking to go the other way -- get the current release apk from google play and check out the keystore on it.
keytool -list -printcert -jarfile super-old-app__release.apk
Then, I can ... do something ... to find the actual name of the key used to create the signing build. Though now that I think of it, I don't know the passwords.
Anyways, maybe I can find that, once I get the actual keys. Does anyone possibly have any suggestions?
If you know alias used in app, you can reverse search it for all files ( search for .JKS or .keystore or without extension ).
Write a batch program searching in complete disk with taking file name as input parameter running
keytool -list -keystore XXX.XXX -alias **YOURAPPAliasname**
Write output of above batch program to a file. All files except one should return you java.lang.Exception: Alias does not exist or incorrect format.
You can modify above batch program to additionally find signature of key to match with signed key. See solutions provided in this link - How do I find out which keystore was used to sign an app?
when I updated my android app i got the following error message:
Re-installation failed due to different application signatures.
You must perform a full uninstall of the application. WARNING: This will remove the application data!
Please execute 'adb **' in a shell.
Launch canceled!
I personally got no problems with that but my question now is ... if I export the apk with the same keystore I used for previous updates. Is the app update a simple download for my users ?
Or will they have any problems with it ?
Btw: I didnt format my computer or changed anything about my eclipse folder or my folder where I save my keystore etc.
Thanks in advance!
Greets
Is the app update a simple download for my users ?
Only if it was signed by the same production signing key as you used originally, which would not appear to be the case here.
I didnt format my computer or changed anything about my eclipse folder or my folder where I save my keystore etc.
Despite that, you attempted to update an APK with one signed by a different signing key (e.g., debug vs. production). Use jarsigner -verify -verbose -certs ..., where ... is the path to your APK, to dump signing information, so you can compare your old APK to your new one.
this is my first time of trying to sign a map and i get this error from my mac terminal saying alias <----->does not exist am trying to get my MD5 from my mac using the key tool. i have google for a while now, thank you , i will be here waiting for your response
Since you are using Eclipse, I suggest the following:
In Eclipse, go to Window -> Preferences.
Click on Android -> Build.
You will see an entry for Default debug keystore and the directory/file that it is currently present in.
That is file you need to be firing those keytool commands on. The -keystore parameter will point to the file you see in step 3 above.
Hope this helps.
It sounds like you have the alias wrong from eclipse, or actually if I had to guess, the file location wrong. I'd try making a new keystore and doing it again. Based on what you're saying the error is, I would be shocked if the problem was not in your alias/keystore setup being consistent with the command you are using. IE having the alias wrong, or improperly pointing at the keystore you created etc. Unfortunately, without more details on how exactly you setup your keystore and where you are running the command from etc, it is impossible to debug further from here. If you cannot fix it on your own, I'd suggest taking some screenshots of setting up the keystore and then write down the exact command you are using for the keytool and posting them.
I have a problem, I developed an application in sencha touch v1, then I generated a PhoneGap apk with no problems but when posting it to google play I knew I had to sign the application. anyone know how I can do this procedure?
thanks in advance
Here's what worked for me:
Make sure your app is good to go
Make sure you’ve set your version number in AndroidManifest.xml. Google Play won’t accept it unless it is different than the previous versions in the store. versionCode is an integer value, so just increment it by 1 each time you submit regardless of whether it’s a major or minor update. versionName isn’t used for anything except for displaying to users and it’s a string so you can name it whatever you want. For example, you could set it to 1.0.3 while versionCode might be 3. (http://developer.android.com/tools/publishing/versioning.html#appversioning)
http://schemas.android.com/apk/res/android”>
Create a keystore file
Create a keystore file and set a password. I won’t go into a lot of detail about how to actually do this. Just make sure you don’t lose this file. If you lose it, and you have to create a new one, then it will become a new app when you try to add it to the Google Play Store. (http://developer.android.com/tools/publishing/app-signing.html#cert)
Always use a different keystore file for each app because it’s your private key for uploading apps to the store. If you ever decide to transfer your app to another developer, you’ll have to give them the keystore file, and if you also use that keystore for other apps, then you have a security issue. (http://developer.android.com/tools/publishing/app-signing.html#secure-key)
Put the keystore file somewhere on your computer. It doesn’t really matter where.
Tell ant where your keystore file is for this app
Then you just need to tell ant where the keystore file is by going to your android project folder (For phonegap it’s in platforms/android) and create an ant.properties file and put the following in it:
key.store=/Users/username/Documents/path/to/my-release-key.keystore
key.alias=app_name
Where key.store equals the path to the keystore file starting at the C Drive, and key.alias is just whatever you want to call it for short. You’ll use the alias in the following commands.
Build your app
Open up the command prompt, and navigate to your project and run phonegap build.
phonegap build android
in platforms/android/bin you should have:
AppName.ap_
AppName.ap_.d
AppName-debug.apk
AppName-debug-unaligned.apk
AppName-debug-unaligned.apk.d
Sign in release mode
Then navigate to the android directory and run ant release:
cd platforms/android
ant release
It will prompt you for your keystore password and the password for the alias ‘app_name’. Enter your keystore password for both of them.
In platforms/android/bin you should now also have release versions of the app:
AppName-release.apk
AppName-release-unaligned.apk
AppName-release-unsigned.apk
AppName-release-unsigned.apk.d
Now move into the bin directory:
cd bin
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore /Users/username/Documents/path/to/my-release-key.keystore AppName-release-unsigned.apk app_name
Enter your keystore password
jarsigner -verify -verbose -certs AppName-release-unsigned.apk
If you get a warning like this ignore it:
Warning: This jar contains entries whose certificate chain is not validated.
zipalign -v 4 AppName-release-unsigned.apk AppName.apk
it will say:
Verification successful
And your final apk (AppName.apk) will be created in the bin directory.
(http://developer.android.com/tools/publishing/app-signing.html#releasemode)
Then you can upload to Google Play.
I hope this helps. Let me know if you have any questions.
http://www.adamwadeharris.com/sign-publish-phonegap-app-google-play-store-windows/
Things to know:
I'm kinda new to programming
I have installed Eclipse with the Android platform loaded on my Macbook Pro
I have 2 PCs as well for further troubleshooting and flexibility
I commissioned a developer to port an iOS app to the Android platform. I did not build the app myself, I paid to have other people do it. I was able to run the avd and emulator and install/uninstall/reinstall with success through the adb protocol. Now I'm on to sign the APK for release in the Android Marketplace, except that's where I'm stuck. I have attempted and researched the hell out of this to no avail. I think the issue I'm running into is the materials I find are outdated.
Methods I've tried:
Using command prompt on my PC, I used the keytool command via the instructions here and was able to get through the first half, but when prompted for the second half I kept getting "cannot find jvm.dll". This guy had a similar issue, but no instructions on how to solve it, which he did apparently. NOTE: I did not find jarsigner.exe in ANYWHERE on any of my computers. I downloaded it from a website. Could be corrupt or invalid I suppose. Could never get a signed APK.
I found "signapk.rar" from this site and it actually seemed to work. I followed the instructions to a T and it produced the signed APK like it was supposed to. The problem was when I attempted to upload it, the Marketplace told me it expired before the 2033 date, whatever that was. So I assume that the code in this program had a validity entry that was large enough. I don't know how to change that, if that is the issue.
I came across Portecle just yesterday and was able to create a keystore and a certificate. I know where they are in my directory, but I don't know how to use that to sign the APK. It's terribly confusing.
Signing in Eclipse. This is the least successful method because I can't for the life of me figure out how to work the damn thing. I know I can't just 'import apk' and it work like magic, but that'd be great if it did. I created a new project and imported the file system after changing my APK to a ZIP. One time it imported the manifest and the other time it didn't do anything. I'm certain it's user error.
I understand if this were an easy process, everybody could be a developer. That's obviously not the case, so I'm trying to figure it out on my own while my developer is out of the country. Any and all help is appreciated.
Assumptions:
Assuming you have the keystore (private key to sign the apk) already generated by you.You can use the command line to do the signing without eclipse or android studio if the yourApp-unsigned.apk is already generated by your vendor or you
You are Using Windows for the below steps
Signing the apk:
Add the path for your jdk bin to your system variables (if you don't know how to do, that look for it its easy search for how to add path to windows system variables)
This is my jdk path (use yours)
C:\Program Files\Java\jdk1.8.0_25\bin
open Command Line and type the below using your App apk and keystore key
jarsigner -verbose -keystore c:\users\android\myAppKeyStore.keystore
c:\users\blabla\Desktops\myAppAPK.apk my_keystore_alias
if success, it will promote you to enter key phrase/password of your private key (the one used for your private key generation which you should know)
Verify it was signed Successfully using the command line
jarsigner -verify c:\users\blabla\Desktops\myAppSignedAPK.apk