When I sign my android app using keytool, it gives above mentioned error.
no manifest. jar is unsigned. (signatures missing or not parsable)
I have created keystore everything. What would be the reason? Any manifest error?
I just received this same issue myself and it occurred when I tried to run
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore
from outside of the directory of my ionic project. When I ran it from the root of the ionic project, it worked. Then I moved the signed apk to a different directory to run zipalign and publish to the Play store.
Related
After I got a signed result I tried to install the .apk file, what failed (output)
I deployed the .apk file
apktool d x.apk
then made some chagnes and rebuild the .apk using
apktool b x.app
I've download root.crt and class3.crt and updated the ca-certificate
created the ca-certificate on my name and use the ca-certificate to signed the .apk
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my_release_key.keystore /root/home/Desktop/x/dist/x.apk john_release_key
I have installed jdk and jre version 1.8.0_121
But the .apk file wasn't installed.
how to go through the problem?
I am trying to build a signed apk for Android platform using cordova.
I have already created unsigned apk using cordova --release android.
But i am unable to sign usejarsigner and zipalign.
kindly help.
I have already solved my problem.
I am explaining its steps for the people who are still stuck in it:
Create a unsigned apk.
Run this command cordova --release android after getting to the location of the project.
You can find the unsigned apk in
project_name\platforms\android\build\outputs\apk\android-release-unsigned.apk
Copy this apk and keystore tool in one folder.
Navigate to the folder and sign it using jarsigner present in java.
Run this command,
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore <keystorename <Unsigned APK file> <Keystore Alias name>
After this you will be prompt to enter password of keystore.
Go to location of zipalign.
(it is present in Android\SDK\build-tools\version)
Run this command
zipalign -v 4 "location of signed apk" "location of aligned apk"
I have created an APK using Unity but cannot upload it onto GooglePlay because it isn't assigned. I saw many pages on how can I solve it using Unity, but I am using a Mac.
I tried changing .apk to .zip and then changing the parameters in .xml (manifest) accordingly, but GooglePlay shows:
You uploaded an APK that is not zip aligned. You will need to run a
zip align tool on your APK and upload it again.
Please help.
With command-lines, you can sign(with jarsigner from the java-jdk) and align(with zipalign from the android-SDK).
Sign:jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
Align:zipalign -v 4 your_project_name-unaligned.apk your_project_name.apk
Having the error: unable to sign jar: java.util.zip.ZipException: invalid entry compressed size ... means that the apk is already signed, you should:
Verify that it's not signed with the debug-key:jarsigner -verify -verbose -certs my_application.apk.
Remove the debug-signature if needed:zip -d foo.apk META-INF/\*
I'am trying to build the final release version of my app that using phonegap 3.0 and a few plugins. I have followed this answer on SO to link my keystore file to the app however I am not sure this is working.
Everything runs locally when I use phonegap run android.
Into myapp/platforms/android I have placed ant.properties
key.store=/Users/XXXXX/Desktop/keystore/my-release-key.keystore
key.alias=FishAppKey //I wasn't sure as it is suggested this can be whatever.
When I build my app instead of placing the .apk files into platforms/android/bin they are put into platforms/android/ant-build?
When I move into platforms/android and run ant release I get Build failed ...tools/ant/build.xml:698:null returned 1
Really I am trying to figure out how to go from phonegap run android to a apk file I can upload to google play.
As answer to your comment, you use jarsigner and pass the full path to your keystore in the -keystore argument. So let's say your keystore is on the desktop and named yourkeystore.keystore,
On Windows you would :
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore %userprofile%\Desktop\yourkeystore.keystore yourappname-release-unsigned.apk youraliasforthekeystore
On linux (and probably OSX also):
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore $HOME/Desktop/yourkeystore.keystore yourappname-release-unsigned.apk youraliasforthekeystore
And of course you can replace yourappname-release-unsigned.apk with the full path of your apk in case it's not in the current directory.
I've been trying to use the jarsigner.exe and adb.exe to manually sign an android package and install it on a API V8 emulator. I created a simple HelloAndroid project and it would generate a signed HelloAndroid.apk using the debug.keystore located in the user's .android directory. When launching from Eclipse, it builds and installs the apk on the emulator without a problem.
I used the android tools to export an unsigned application package to a separate directory. I signed and zipAligned the package and used adb to install it but received the error:
Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES]
I used the following command to sign it.
jarsigner -verbose -keystore c:\users\jhwong\.android\debug.keystore
-storepass android -keypass android -digestalg SHA-1 -sigalg SHA1withRSA
-sigfile CERT -signedjar temp\HelloWorld2.apk
temp\HelloWorld.unsigned.apk androiddebugkey
adding: META-INF/MANIFEST.MF
adding: META-INF/CERT.SF
adding: META-INF/CERT.RSA
signing: res/layout/main.xml
signing: AndroidManifest.xml
signing: resources.arsc
signing: res/drawable-hdpi/icon.png
signing: res/drawable-ldpi/icon.png
signing: res/drawable-mdpi/icon.png
signing: classes.dex
That did not give me any errors and just to makes sure I ran:
jarsigner -verify -verbose temp\HelloWorld2.apk
It showed the jar was verified and each file signed and part of the manifest.
I ran zipalign -v 4 temp\HelloWorld2.apk temp\HelloWorld3.apk which finished without an error.
Then used adb install -r temp\HelloWorld3.apk.
I've seen several related threads and articles suggesting these directions but I'm perplexed as to why it doesn't work manually verses using Eclipse to build the signed package. I've even taken the package built from Eclipse and was able to use adb.exe to install it so I've narrowed it to signing the package. I've tried keystores that I've generated from the keytool but they didn't work as well which is why I tried the debug.keystore.
I'd appreciate any advice if they noticed anything wrong with my jarsigner code.
We had this exact same problem. Try using the following parameter values:
jarsigner ... -digestalg SHA1 -sigalg MD5withRSA ...
By the way, using explicit sigalg and digestalg seems to be mandatory with JDK 7.
To sign apks using JDK 1.7 one has to use these keywords "-sigalg MD5withRSA -digestalg SHA1 "
Reason:
As of JDK 7, the default signing algorithim has changed, requiring you to specify the signature and digest algorithims (-sigalg and -digestalg) when you sign an APK.
Command:
jarsigner -verbose -sigalg MD5withRSA -digestalg SHA1 -keystore [keystorefile]
[originalapk] alias_name
If you're using JDK 7, try
jarsigner -sigalg SHA1withRSA -digestalg SHA1
If you get
jarsigner error: java.security.SignatureException: private key algorithm is not compatible with signature algorithm
then try
jarsigner -sigalg MD5withRSA -digestalg SHA1