Android Tutorial Signing your application before uploading to Google Play

Status
Not open for further replies.
The result of compiling your application is an APK file. This is a package file that contains the compiled source code and the assets files.
The APK file must be signed before installation. Signing the file means that it is not possible to later modify it without the private key that was used to sign the file.
Android devices will not install an unsigned APK file.

Basic4android uses a default "debug key" to sign applications. This key is fine during debugging. However Android market doesn't accept APK files signed with this key.
You need to create your own private key.
Fortunately it is pretty simple to create such key.
Choose Tools - Private Sign Key

sign_1.png


This dialog allows you to create a new key, load an existing one or to use the debug key.
Keys are stored in a keystore file.
It is not possible to access such a file without its password.

Once you created a new keystore file, Basic4android will use this key for all your projects.
You should be very careful with this file. If this file gets lost you will not be able to update your applications in the market. You will need to publish updates as new applications.
It is impossible to recreate a lost keystore file.
Therefore it is recommended to backup this file.

In the IDE, when you reinstall an application and use a different key, you will see this message:
sign_2.png


Pressing yes will uninstall the previous application and install the new one.
 

jalle007

Active Member
Licensed User
Longtime User
After I signed and publish my 1st app to google market
I am trying to make another app.

Now B4A prompt me for :

Basic4android
---------------------------
An existing application is installed with a different certificate.

Do you want to uninstall the previous application?
---------------------------
Yes No Cancel

How can I continue with 2nd app using my new * or debug key and leave the previous one ( which is actually located in my 1st app dir) ?
 

jcredk

Member
Licensed User
Longtime User
Hi all,

I am a licenced B4A user trying to publish my 1st app to the market but it's still not OK.

What I did:
  1. My app (a "hello wolrd widget") is working fine on my connected device with debug/release/release obfuscated.
  2. I created a new keystore file within the application directory. (Re-opening it show a me key in the lower (readonly) part.
  3. I try to upload the apk (release obfuscated) in Google console and get the following error:

"
traitement en cours...
Importation en cours… E39Clock.apk

Échec de l'importation.
Vous avez importé un fichier APK dont le certificat n'est pas encore valide. Vous devez créer un fichier APK avec un certificat en cours de validité. En savoir plus sur les signatures de certificats
Importer un autre fichier APK
"

In english, it basically means that import is cancelled as my APK certificate is not yet valid ...!? Any help appreciated ? :)

Thanks,

Jo
 

jcredk

Member
Licensed User
Longtime User
Yes it was. In fact the issue is solved:

As the error was saying is not yet valid ...
I was wondering if there was a time-zone issue (I am from France), so I tried again this morning without changing anything ... and it worked.

Erel, thanks a lot for your support. I will put the link in the appropriate discussion when the published app is effectively visible in store!

Thanks,

Jo
 

Merlot2309

Active Member
Licensed User
Longtime User
Hello,

After the robbery of all my electronics, bought a new laptop, etc. I finally uploaded a new version of an app to Google Play.
Got the error that the key was different. It actually didn't sink in that I tried to upload the debug file, I guess.
After searching and thinking I realized that the key file must have been automatically replaced by the debug key from B4A.
Luckily I found my key file on an old laptop but had no idea what my password for the Private Sign key was.
The password is always visible, created almost 3 years ago, before I started using a Cloud and any app automatically picks up the same key file.

So I hope that it is helpful that you store this password in a safe place as well (got the correct password on my second attempt, yehhhhhhh).
Maybe it's possible to show a warning when a different key file is loaded automatically and maybe it's an idea to be able to hide the password.

Regards,
Helen
 

ThRuST

Well-Known Member
Licensed User
Longtime User
Hello! I have not yet uploaded my new app to Google marketplace but will soon. Chfajardo problems makes me wonder if it's just a unlucky personal problem to restore his private sign key. Anyone else had problems to use the inbuildt key generator in B4A? I hope Erel see this to give his comments. I assume the same key should be used for all future apps published on Google play? so it is like a fingerprint. Is there good software to generate such a key? Anyone
 

ThRuST

Well-Known Member
Licensed User
Longtime User
Is it enough to generate one sign key to be used for all future projects, Grandmaster Erel :)
 

tofd

New Member
Licensed User
Longtime User
Hi all,

I have create an App with B4A v1.8 and I have had no problem with Private Sign Key.
But today I have upgraded my B4A to the v3 and when I want to compile the same version of my App I have an error Private Sign Key signing.
In fact after to try the compiling, B4A erase my keystore and he say me the file is unfindable.
I have a copy of all files and after I try to compile with v1.8 it's OK, why with v3 I have problem?
 
Status
Not open for further replies.
Top