I have a problem, I developed an application in sencha touch v1, then I generated a PhoneGap apk with no problems but when posting it to google play I knew I had to sign the application. anyone know how I can do this procedure?
thanks in advance
Here's what worked for me:
Make sure your app is good to go
Make sure you’ve set your version number in AndroidManifest.xml. Google Play won’t accept it unless it is different than the previous versions in the store. versionCode is an integer value, so just increment it by 1 each time you submit regardless of whether it’s a major or minor update. versionName isn’t used for anything except for displaying to users and it’s a string so you can name it whatever you want. For example, you could set it to 1.0.3 while versionCode might be 3. (http://developer.android.com/tools/publishing/versioning.html#appversioning)
http://schemas.android.com/apk/res/android”>
Create a keystore file
Create a keystore file and set a password. I won’t go into a lot of detail about how to actually do this. Just make sure you don’t lose this file. If you lose it, and you have to create a new one, then it will become a new app when you try to add it to the Google Play Store. (http://developer.android.com/tools/publishing/app-signing.html#cert)
Always use a different keystore file for each app because it’s your private key for uploading apps to the store. If you ever decide to transfer your app to another developer, you’ll have to give them the keystore file, and if you also use that keystore for other apps, then you have a security issue. (http://developer.android.com/tools/publishing/app-signing.html#secure-key)
Put the keystore file somewhere on your computer. It doesn’t really matter where.
Tell ant where your keystore file is for this app
Then you just need to tell ant where the keystore file is by going to your android project folder (For phonegap it’s in platforms/android) and create an ant.properties file and put the following in it:
key.store=/Users/username/Documents/path/to/my-release-key.keystore
key.alias=app_name
Where key.store equals the path to the keystore file starting at the C Drive, and key.alias is just whatever you want to call it for short. You’ll use the alias in the following commands.
Build your app
Open up the command prompt, and navigate to your project and run phonegap build.
phonegap build android
in platforms/android/bin you should have:
AppName.ap_
AppName.ap_.d
AppName-debug.apk
AppName-debug-unaligned.apk
AppName-debug-unaligned.apk.d
Sign in release mode
Then navigate to the android directory and run ant release:
cd platforms/android
ant release
It will prompt you for your keystore password and the password for the alias ‘app_name’. Enter your keystore password for both of them.
In platforms/android/bin you should now also have release versions of the app:
AppName-release.apk
AppName-release-unaligned.apk
AppName-release-unsigned.apk
AppName-release-unsigned.apk.d
Now move into the bin directory:
cd bin
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore /Users/username/Documents/path/to/my-release-key.keystore AppName-release-unsigned.apk app_name
Enter your keystore password
jarsigner -verify -verbose -certs AppName-release-unsigned.apk
If you get a warning like this ignore it:
Warning: This jar contains entries whose certificate chain is not validated.
zipalign -v 4 AppName-release-unsigned.apk AppName.apk
it will say:
Verification successful
And your final apk (AppName.apk) will be created in the bin directory.
(http://developer.android.com/tools/publishing/app-signing.html#releasemode)
Then you can upload to Google Play.
I hope this helps. Let me know if you have any questions.
http://www.adamwadeharris.com/sign-publish-phonegap-app-google-play-store-windows/
Related
I need to locate the release signing key for an android app from 4+ years ago. I have the codebase, and the MBP it was last worked on, but the person who worked on it was very disorganized.
I have multiple directories called /proj, /proj2, /desktop_proj, /old/proj...each has 2-3 apks in it. Source control is a similar mess.
I don't know what IDE they used to work on this project. I have IntelliJ, Eclipse, and Android Studio on this old machine. I can search all of them but I don't know where to look.
I did a find and none of the keystores (.jks or .keystore) really match up.
Basically, I was thinking to go the other way -- get the current release apk from google play and check out the keystore on it.
keytool -list -printcert -jarfile super-old-app__release.apk
Then, I can ... do something ... to find the actual name of the key used to create the signing build. Though now that I think of it, I don't know the passwords.
Anyways, maybe I can find that, once I get the actual keys. Does anyone possibly have any suggestions?
If you know alias used in app, you can reverse search it for all files ( search for .JKS or .keystore or without extension ).
Write a batch program searching in complete disk with taking file name as input parameter running
keytool -list -keystore XXX.XXX -alias **YOURAPPAliasname**
Write output of above batch program to a file. All files except one should return you java.lang.Exception: Alias does not exist or incorrect format.
You can modify above batch program to additionally find signature of key to match with signed key. See solutions provided in this link - How do I find out which keystore was used to sign an app?
Guys I've used Cordova to convert a HTML/CSS/JAVASCRIPT program into an Android project but in the end I get just android-debug.apk without android-debug-unaligned.apk file.Before I make the keystore and the release version, is there any problem that I miss that file? Can I upload it by making the release version only with this file?
Update the AndroidManifest. Open /myApp/platforms/android/AndroidManifest.xml and update. VersionCode is what will display in the store; versionName is for your internal use and won't be shown: android:versionCode="10000″ android:versionName="1.0.0″ (Note on format: "10000" = 1.00.00.)
Make sure the following is accurate (change com.developerName.myApp to your own information here and throughout this page):
**package="com.developerName.myApp"**
Make sure the following is 11 or higher (I choose 19.):
**android:minSdkVersion="11"**
Open /myApp/config.xml and make sure the widget id and version are the same as in AndroidManifest.xml.
The following steps create your private key and the keystore file in which to store it. In Terminal, make sure your starting position is within your app's root folder of /myApp and run the following. (To start commands from your app root folder in Terminal, open the Terminal app, type cd and a space, drag the /myApp folder to Terminal, tap in Terminal to activate its window, then hit Enter.)
keytool -genkey -v -keystore myapp.keystore -alias myapp -keyalg RSA -keysize 2048 -validity 10000
You'll be prompted to answer several questions. Use only legal characters like letters and numbers, not punctuation. For 2-letter country code, look up this list: http://www.worldatlas.com/aatlas/ctycodes.htm
You will then review the data presented. At that point, if any of the information is wrong, type the two letters to re-enter that information. For instance, type cn to change your first and last name. Otherwise, confirm the information by typing "yes." Then just hit Enter if the password for the following Terminal information will be the same as the previous.
Your keystore file will be located at /myApp/myapp.keystore. This needs to be copied to a safe place ASAP. Your customers will not be able to update to the next version without this file.
Copy myapp.keystore to /platforms/android.
Now it's time to sign the app with the key and create the release version.
Open /platforms/android/local.properties (or project.properties) in a text editor.
Add these two lines at the end and save, even though it says, "Do not modify this file -- YOUR CHANGES WILL BE ERASED!"
key.store=myapp.keystore
key.alias=myapp
Still in your /myApp folder in Terminal, run:
cordova build android --release
You'll be asked for your password twice and it won't be obfuscated.
Your myApp.apk file is put in /myApp/platforms/android/ant-build/CordovaApp-release.apk. (If not there, it may be in /myApp/platforms/android/build/outputs/apk.) This is the file you rename and upload to Google Play
when I updated my android app i got the following error message:
Re-installation failed due to different application signatures.
You must perform a full uninstall of the application. WARNING: This will remove the application data!
Please execute 'adb **' in a shell.
Launch canceled!
I personally got no problems with that but my question now is ... if I export the apk with the same keystore I used for previous updates. Is the app update a simple download for my users ?
Or will they have any problems with it ?
Btw: I didnt format my computer or changed anything about my eclipse folder or my folder where I save my keystore etc.
Thanks in advance!
Greets
Is the app update a simple download for my users ?
Only if it was signed by the same production signing key as you used originally, which would not appear to be the case here.
I didnt format my computer or changed anything about my eclipse folder or my folder where I save my keystore etc.
Despite that, you attempted to update an APK with one signed by a different signing key (e.g., debug vs. production). Use jarsigner -verify -verbose -certs ..., where ... is the path to your APK, to dump signing information, so you can compare your old APK to your new one.
I'm developing an android project signing my app (while developing) with the debug.keystore ... Now I need to use the "real" production keystore (the one which I use when I upload my apk to the play store), while developing to test some in app purchases things.
So it would be great to use the production keystore in eclipse to start the app on my device, so I could use the eclipse debugger etc.
After finishing this testing I want to switch back to the debug.keystore .
So I tried to replace the debug.keystore file in the .android folder, but then I get the error:
Keystore was tampered with, or password was incorrect
since I have not entered the password yet. Where do I enter the password in eclipse (juno)?
Or is there better way (in a wizzard for example) in eclipse, without replacing the debug.keystore file directly, to specify the current keystore that should be used when launching my android application from eclipse run button?
Change the password to default password i.e. android.
here is the SO link . how to Change the Keystore password
I would like to just enter the password in eclipse for the release keystore (like in the export dialog).
Since there is no dialog & I don't want to mess with eclipse internal configuration I use a custom keystore as a work-around.
Read this answer for how to use your release keystore for debugging
If you have taken the backup of the debug.keystore and replaced it then it should not be a issue in replacing it back, However you can specify the debug.keystore from
Eclipse tool bar > Windows> Preference> Android> Build> Custom Keystore.
Also if you want the Keystore to be recreated simply delete it, eclipse will recreated on next run.
If you specify a custom keystore, you have to make sure that the entries are what the eclipse environment expects. Maybe they're not lining up with those requirements? Check out the docs
specifically the Signing in Debug Mode section for details
When i try to uploading new update of my app, gives me this error "The apk must be signed with the same certificates as the previous version".
Procedure:
I use export wizard from eclipse, than load old cert file from my folder, i enter password correctly (i test it to enter incorrect, and cant go further) so i know for shure that is correct, and for alias the correct pass to, and save the apk. When i try to upload gives me the error. The package is the same, and oll the stuff.
Can anyone tell me where is the problem ?
Most definitely your certificates are different, you may check using the following commands:
unzip -d tmp filename.apk META-INF/CERT.RSA
keytool -printcert -v -file tmp/META-INF/CERT.RSA
where filename.apk is you apk for current and/or previous version.
One of three things could cause this problem:
Using a different private key cert (sounds like you don't think this is your problem)
Not increasing the versionCode and versionName in android manifest
Using a different package name
Hopefully it's not that you lost the cert! Good luck! Someone mentioned that it is possible to sign an old version of your app with multiple certs, and then continue to use the one you still have like this