If a signing key expires, do existing apks refuse to install, or does it just mean that new apps can't be signed with that key?
We are recommended to use keys that expire in 25+ years, and Google Play mandates expiry of at least 2033-10-22! However, some people may wish to renew their keys far more frequently than that for security reasons (Moore's law, cracked algorthms, etc.).
If an apk's key has expired, is there any way of installing it (without relying on the developer to re-release)?
If you sign an installer, executable file, or other code with an expired code signing certificate, it will not be trusted by users' operating systems. You should renew your code signing certificate with your certificate authority (CA) before it expires.
A digital certificate has a validity period, after which the certificate expires. Once a certificate expires, it is no longer valid, and it can cause the client-server communication to fail at the SSL handshake level.
Fill this Google support form. For the Developer account ID, you can found get it from here. Don't forget to include the app's package name and describe the issue by mentioning that you lost the app's signing key. Then, in a short time they'll send you an instruction email.
Keystores, keys, and certificates App signing key: The key that is used to sign APKs that are installed on a user's device. As part of Android's secure update model, the signing key never changes during the lifetime of your app. The app signing key is private and must be kept secret.
If a signing key expires, do existing apks refuse to install, or does it just mean that new apps can't be signed with that key?
jarsigner
will refuse to use an expired key, and apk's signed with the old key will be refused by Android on install, but apps already installed will continue to run just fine.
https://developer.android.com/guide/publishing/app-signing.html
If an apk's key has expired, is there any way of installing it (without relying on the developer to re-release)?
Yes, the apk can be resigned with your own certificate.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With