Develop Reference

Cannot update debug APK on device

I face a problem when trying to install debug type .apk file over another one on my device. I have an app with versionCode=n already installed. When I try to install the same app with versionCode=n+1 i get an error.
Here is the message after i call the command adb install xxx.apk
failed to install xxx.apk: Failure
[INSTALL_FAILED_UPDATE_INCOMPATIBLE: Package xxx signatures do not
match the previously installed version; ignoring!]
All my .apk files are signed with Android debug keystore. It is confirmed by command jarsigner -verify -verbose -certs xxx.apk that gives me next message:
Signed by "C=US, O=Android, CN=Android Debug"
Digest algorithm: SHA-256
Signature algorithm: SHA256withRSA, 2048-bit key
jar verified.
These .apk files are built via TeamCity CI that just calls assembleDebug command.
It is very strange because I can update release APK files built by CI easily. This problem occurs only in case of debug builds.
Do you have any idea about this?
Thanks in advance

Each debug build of your android application will be signed with the debug keystore.
This is a problem because in continous integration environments, like travis-ci or docker, the debug keystore is regenerated on each creation of the environment.
This means if someone has a debug version of your application, they won't be able to upgrade to a more recent version, because the keystores will be different.
Credits to: https://newfivefour.com/android-debug-build-constant-signed-keystore.html
Also to compare if two apks are signed with the same key:
check: How do I find out which keystore was used to sign an app?

Signing APK breaks installation

I am resigning an APK with my own keys using the command line jarsigner.exe -keystore Keys.jks base.apk debug0, after deleting META-INF/CERT.RSA, CERT.SF and MANIFEST.MF, without touching anything else.
My issue is that after resiging, installing via adb install base.apk gives me the error Failure [INSTALL_FAILED_INVALID_APK: Failed to extract native libraries, res=-2].
How can I solve this? In the AndroidManifest extractNativeLibs is set to false, at least as far as apktool can decode it. So I do not see any reason the libs should be extraced at all...

To get it to work i had to
zipalign the apk (zipalign.exe -p 4 base.apk base_aligned.apk)
sign it using apksigner (apksigner.exe -ks Store.ks base_aligned.apk)

Google Play Console signing error/invalid signature after rebuilding react-native

Our team decided to upgrade our react-native version from 0.59.x to 0.61.5. We have so many difficulty upgrading it so we decide to start a new repo from fresh (npx react-native init appName) and copy over our code.
After we make sure the app are running both on Android and ios simulator. We use the same scripts to build the .aab file and upload to Google Play Console. But Google Play Console won't let us. This is the error message shown:
Upload failed
You uploaded an APK with an invalid signature (learn more about
signing). Error from apksigner:
There is no other error message after "apksigner:" so I am pretty sure it is a different problem than other similar questions on stack overflow.
I am also sure that we are using the same keystore file
Below is how we build our .aab file
curl "http://localhost:8081/index.bundle?platform=android" -o "android/app/src/main/assets/index.android.bundle"
cd $REPO_PATH/android
./gradlew bundleRelease
cd ..
# sign the aab
jarsigner -sigalg SHA1withRSA -digestalg SHA1 -keystore ~/my-release-key.keystore $REPO_PATH/android/app/build/outputs/bundle/release/app.aab traytAndroidKey
# zipalign the aab and output it to another file
$HOME/Library/Android/sdk/build-tools/28.0.3/zipalign -f -v 4 $REPO_PATH/android/app/build/outputs/bundle/release/app.aab $REPO_PATH/android/app/build/outputs/bundle/release/app-release-signed-aligned-$VERSION_CODE.aab
Please help :(

It seems that you are uploading an AAB and not an APK.
AABs don't need to be zip-aligned.
Try only signing with jarsigner.
Also, try verifying the signature with jarsigner too.

Is there a command I can use to sign my modified apk on the command line in Linux?

I have an apk file that I built using Adobe Phonegap Build. As described in this question, I have to modify the apk generated by Adobe Phonegap Build before uploading it to the Google Developer Console.
I can successfully edit the file, repack the apk, and "zipalign" it. However, I am stuck on signing it. Instructions I have come across on the web assume either that one is using Eclipse, or that one is on Windows. I am on Linux, I don't use Eclipse, and I am at the command line.
I understand that to sign my app I need to have signing keys on hand, but beyond that I am unclear on what commands I need and what the parameters are.
I was able to get the zipalign command from the Android SDK and run it as a standalone at the command line. I'm hoping that there is a similar way I can run a program at the command line to sign my app.
Is there a command I can use to sign my modified apk on the command line in Linux?

For this you use standard Java SE tools: jarsigner and keytool.
From Android documentation on signing:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
Remember that you should first sign and then align.

Installation error: INSTALL_PARSE_FAILED_NO_CERTIFICATES

At the risk of repeating what appears to be a very common complaint, I think I have a substantial variation on this bug.
The application won't install from Eclipse and this appears in the console: Installation error: INSTALL_PARSE_FAILED_NO_CERTIFICATES.
LogCat provides some illumination: Package com.xxx has no certificates at entry assets/fonts/helvetica_neue.ttf; ignoring!
Meaning that the device (or emulator) believes that this particular file wasn't signed.
The usual solutions proposed for this are:
- Rename the offending file. We've tried that, it then complains about the next file, then the next, and so on.
- Add a dummy file. Tried that too. It complains about the new file, regardless of what it's called.
- Compile for greater than Android 1.6. We're compiling for 2.3.
It's worth noting this only happens when we launch a unit test. We can install the "real" application on its own with no difficulties. We're also using Maven and, of course, the Maven Android plugin.
Any insights or suggestions would be very welcome and of course if we figure it out on our own I'll post any findings.

I encountered this through normal debugging - while it's unlikely to help all the time, simply going to Project -> Clean and rebuilding everything may be enough to clear the error.

I found it was due to my JDK version. I was having this problem with 'ant' and it was due to this CAUTION mentioned in the documentation:
http://developer.android.com/guide/publishing/app-signing.html#signapp
Caution: As of JDK 7, the default signing algorithim has changed, requiring you to specify the signature and digest algorithims (-sigalg and -digestalg) when you sign an APK.
I have JDK 7. I can't speak for your Maven, but it is probably the same issue. In my Ant log, I used -v for verbose and it showed
$ ant -Dadb.device.arg=-d -v release install
[signjar] Executing 'C:\Program Files\Java\jdk1.7.0_03\bin\jarsigner.exe' with arguments:
[signjar] '-keystore'
[signjar] 'C:\cygwin\home\Chloe\pairfinder\release.keystore'
[signjar] '-signedjar'
[signjar] 'C:\cygwin\home\Chloe\pairfinder\bin\PairFinder-release-unaligned.apk'
[signjar] 'C:\cygwin\home\Chloe\pairfinder\bin\PairFinder-release-unsigned.apk'
[signjar] 'mykey'
[exec] pkg: /data/local/tmp/PairFinder-release.apk
[exec] Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES]
I signed the JAR manually and zipaligned it, but it gave a slightly different error:
$ "$JAVA_HOME"/bin/jarsigner -sigalg MD5withRSA -digestalg SHA1 -keystore release.keystore -signedjar bin/PairFinder-release-unaligned.apk bin/PairFinder-release-unsigned.apk mykey
$ zipalign -v -f 4 bin/PairFinder-release-unaligned.apk bin/PairFinder-release.apk
$ adb -d install -r bin/PairFinder-release.apk
pkg: /data/local/tmp/PairFinder-release.apk
Failure [INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES]
641 KB/s (52620 bytes in 0.080s)
I found that answered here.
How to deal with INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES without uninstallation
I only needed to uninstall it and then it worked!
$ adb -d uninstall com.kizbit.pairfinder
Success
$ adb -d install -r bin/PairFinder-release.apk
pkg: /data/local/tmp/PairFinder-release.apk
Success
641 KB/s (52620 bytes in 0.080s)
Now I only need modify the build.xml to use those options when signing!

For those with this problem...
Select V1 (jar signature) instead of V2 (full apk signature)
Selecting V2 could also cause this problem.

This is fixed now. Should someone find themselves with the same unique project setup and bug the solution may be of some value.
The problem stemmed from the configuration of our resource directories in the POM of our test project (the project containing our unit tests). They were pointing to the resource directories of the project being tested. This set up should work so I'm going to guess that it's a bug in the Maven Android plugin that causes the resources to remain unsigned.
So the solution was to remove the references to external resource directories (I can't say why it was done that way initially but removing them appears to have no ill effects) and configure the resource directories in the standard way (taking as an example the POM provided by the maven plugin project archetype with tests).

I had this problem with MotoDev 3.0.0
The solution was to delete emulator and create a new one.
In fact, you do not need to delete the old emulator, just create a new one and installation goes smoothly.

Had the same problem, it was that I was configured to use the App Store instead of debug under the Android target configuration, and I hadn't set up the app store yet. Switched back to debug and it was fine.

choose Java SE 6 in the Java preference app