If i use the .apk file that is in the bin directory in the project in the workspace instead of generating the .apk by exporting the project does it make difference?
The apk file in the bin is signed using the debug key, which loses the benefit of signing your App. Your App should be signed using your own key (which is specified when you export the project) which kind of uniquely identify your Apps and protects (or tries to protect) your Apps from having someone alter your App and republish it. Also, when you upload an update for your App, it must be signed with the same key as the original App, so make sure to keep this key safe.
You can use the apk from the bin folder while debugging, but when publishing the app, you must export a signed apk, or sign the one from the bin folder manually.
However, an easier method would be to directly debug on a hardware device from eclipse, as this gives you access to various tools like the adb and LogCat, See this link for details.
Related
I recently made my first app in Android Studio and made it into an APK. Google play said I had the wrong signature for the APK but I don't know how to change the APK with different signatures nor revert the program back in order to manually change it inside Android Studio. Any help on this?
Here is step by step what I did to get to this point. I finished writing my program and went to "build" then "generate signed apks" where I went through the process of making the keys, key store etc. At this point everything is fine. I just need to somehow go back into the apk and either change the signatures of it or unpack the apk in studio and redo the process of generating signed apks.
You need to sign the apk with the same public-key certificate which you use in the previous uploaded apk. When you build the release apk via Build -> Generate Signed Apk.., you will be presented with the following dialog:
Then you must use the same certificate file (something like android.jks) for the Key store path.
The documentation says:
Every app must use the same certificate throughout its lifespan in
order for users to be able to install new versions as updates to the
app. For more about the benefits of using the same certificate for all
your apps throughout their lifespans, see Signing Considerations
below.
So, if you lose the certificate file, there is no way you can upload the apk with the same package name again. It will lose forever, gone. You also can't delete the published apk to reuse the same package name again.
I recently uploaded my game on playstore made with unity but I forgot the password to the keystore when I tried to build an update.
After hours of googling I've learned the importance of the keystore file. After a few trial and error attempts I finally figured out the correct password.
However, what if in the future my keystore.debug file gets deleted accidentally? Will it be generated automatically again by unity or do I need to make a backup for this file on the cloud?
If I need to make a backup than do I need to backup only "user/.android/debug.keystore", or are there other files I need to backup as well?
Some exaplanation:
debug.keystore (located on user/.android/debug.keystore) as the name implies, it is only used for debugging. That means, it's only used when you're sitting on your computer with the phone connected via ADB and typing code.
When developers release an app. Another keystore is used, the "release" keystore. That is the one you selected when clicking "Generate signed APK" or set on your gradle file, that you had to create a password for it. That file can be located anywhere on your system, you created it, you should know where it is. That one is very important. That one is the one that will allow you to update the app on the Play Store.
Direct answers:
debug.keystore is disposable and you don't have to worry with it.
the keystore used when exporting the .apk file, that one is VERY VERY important and YES, make backup of it everywhere you can! On an external hard-drive on your house, on a USB-drive and at least 1 cloud backup (e.g. Google Drive). If you loose that file or the password, you won't be able to update your app again.
I hope it helps.
You have to differentiate between debug.keystore & release keystore
debug.keystore Android User Guide
When running or debugging your project from the IDE, Android Studio automatically signs your APK with a debug certificate generated by the Android SDK tools. The first time you run or debug your project in Android Studio, the IDE automatically creates the debug keystore and certificate in $HOME/.android/debug.keystore, and sets the keystore and key passwords.
No need to remember as its generated automatically
release.keystore
Needed to publish on google play console, But take care after you generate it and used to release signed version for push to production when you app become published you can only send updates using this key. it will be permanent for you app package name on Google play. You have to backup key and it's protection password too.
I have a certificate that is signing my app when I say File -> Export. When I install the apk that way, it works. However, when I just run my app off eclipse while my phone is plugged in, it does not. So obviously it is being signed with another certificate.
How can I get eclipse to sign the apk with the same certificate that is used when exporting the apk?
This person has the exact same problem as me, but no answer either...
You are right, it's signed with other certificate, it's using ~/.android/debug.keystore. I don't know much about eclipse but in Android-Studio with new build system (gradle) its very easy to switch between signing certificates within different variants of an app (e.g. debug/relese even with combinations like free/premium). I don't know if it will work, maybe just replace in your users directory debug.keystore with your own?
Two engineers are working on an android project. To publish the apk (not on Playstore, but private publication), they each run their project and then get the resulting apk and then publish. As it turns out a user cannot simply update between the apks produced from the two different computers. If a user's current apk was published by developer Zack; to update to the latest version, which happen to come from developer Max, the user must in fact delete and reinstall. How do I resolve this problem? I was hoping to find whatever key is used on one of the computers and pass it to the other developer. But I can't find where the keys are stored.
Naturally, I would use Android Tools > Export Signed Application Package to publish. But the present situation is as above. How do I fix that problem without having user's continuously deleting or -- on the other hand -- restrict publication to one machine?
In my case I put the Release Keystore file in the source control. Each developer pull the latest version (wish should not change) from the source control. You can set it up as readonly to secure the key if you like.
If you are using Eclipse when Signing the app, you have to specify the path to the keystore. So there you can get your own keystore path.
On the other hand. If you want to share the Debug Key, in order to play the application from both computers then the key is on your .android directory.
If on windows then is
c:\Users[username].android\
debug.keystore
debug.keyset
If on linux/other is similar
~/.android
I am working on a existing android project for my client. I have made some modification in his application. I am working on eclipse.
After sending the apk he installed it on his mobile but he has a complain that:
Current application failed install, even after it told me it was going to
overwrite my old application information. Please remember to change keystore.
Let me know how can I change the keystore using eclipse so that it will not fail to install on his mobile. Please explain.
Thanks,
Pravin
Every .apk file should be signed with a key(by installing the SDK, you get a debug key). A key is unique and the system will check the key of an apk file if such a package has been installed in the device, to see if the key is the same as the existed one. If the key doesn't match, the .apk file can't be installed, unless you uninstalled the original one.
Now, I think you may have several choices:
sign the apk with your own key and ask you client to uninstall the old one.
sign the apk with your own key and change the package name.
get your client's key and sign the apk with it.
For security reason, your client may not give his key to you. I think the best choice is to compile your project in release mode, and then ask your client to sign it with his private key. See here.
The default Keysotre used by Eclipse is in your Home-Directory in /.android/debug.keystore.
If you want to update an App both, the new and the old Apk have to be signed with the same key.
So you need to figure out which keystore your client used in the first place.
Please note that the debug.keystore is unique on every machine.