
Different signatures of apk

I made an application on Android and published it on the Play Store. I signed my APK with a new private key.

Last week, I wanted to update my application with my new features. So I exported my new APK with the same private key previously created. Then I published it and the Play Store accepted it.

But on the Play Store on my phone, the application cannot be updated. I have to uninstall it first, and if I do that, I will lose my data.

So my question is: how can I make an updatable APK on the Google Play Store?

Peka asked Oct 02 '12 15:10


People also ask

What is an APK signature?

APK Signature Scheme v2 is a whole-file signature scheme that increases verification speed and strengthens integrity guarantees by detecting any changes to the protected parts of the APK.

What are signed APKs?

A signed APK is an Android package file that has been digitally signed with a certificate for which the developer holds the private key. While you are developing your application, a special debug key is created by the dev tools.


2 Answers

You can't change the signature of your APK uploaded to the Play Store; you will need to use the same signature as before. If you do change the signature of your app and try to upload it, you will get an error telling you that the same application was found but with a different signature.

If you manually send your users an app (by mail, for example) with a changed signature, they will have to uninstall the current app before they can install the same app with the new signature. Users will lose their application data doing this! This is a safety mechanism, so hackers/bad people can't change your APK and get the user data in that way.

The Android system uses the signature to check if the application is really an update for the existing one on your phone. Because only you know your signature password and stuff, hackers can't use it in their fake app updates, for example.

Summary: Always use the same signature!

Check: http://developer.android.com/tools/publishing/app-signing.html

Edit: As said by @HandlerExploit, you probably have your "non market version/debug version" of the app still installed on your phone. A debug version of the app is always signed with a default debug signature. This signature is different from the one on the market.

Rolf ツ answered Oct 03 '22 06:10


Most likely you installed your application with your computer's default debug signature during development. You will need to uninstall it before installing your new market version.

HandlerExploit answered Sep 30 '22 06:09
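
The certificate mismatch both answers describe can be confirmed by comparing signer certificates of the installed APK and the new one. This is an added example, not code from the original posts: it parses the output of `apksigner verify --print-certs` and reports whether the installed build looks debug-signed. The sample outputs, digests and helper names are constructed for illustration, and key rotation (APK Signature Scheme v3) is not modelled.

```python
import re
import subprocess

# Heuristic marker: the SDK's default debug certificate carries this common name.
DEBUG_CN = "CN=Android Debug"
_LINE = re.compile(r"^Signer #(\d+) certificate (DN|SHA-256 digest): (.+)$", re.M)

def _sample(dn, digest):
    """Constructed stand-in for `apksigner verify --print-certs` output."""
    return (f"Signer #1 certificate DN: {dn}\n"
            f"Signer #1 certificate SHA-256 digest: {digest}\n"
            f"Signer #1 certificate SHA-1 digest: {digest[:40]}\n")

INSTALLED_DEBUG = _sample("CN=Android Debug, O=Android, C=US", "a1" * 32)  # made-up digest
STORE_RELEASE = _sample("CN=Example Developer", "b2" * 32)                 # made-up digest

def parse_signers(text):
    """Return {signer_number: {"dn": ..., "sha256": ...}} from --print-certs output."""
    signers = {}
    for num, field, value in _LINE.findall(text):
        entry = signers.setdefault(int(num), {})
        if field == "DN":
            entry["dn"] = value.strip()
        else:
            entry["sha256"] = value.strip().lower()
    return signers

def check_update(installed_text, new_text):
    """Return (ok, reason): can new_text's APK replace installed_text's APK in place?"""
    old, new = parse_signers(installed_text), parse_signers(new_text)
    old_d = {s["sha256"] for s in old.values() if "sha256" in s}
    new_d = {s["sha256"] for s in new.values() if "sha256" in s}
    if not old_d or not new_d:
        return False, "no signer certificate found"
    if old_d == new_d:  # simplified rule: signer certificate sets must match
        return True, "same signing certificate"
    if any(DEBUG_CN in s.get("dn", "") for s in old.values()):
        return False, "installed build is debug-signed"
    return False, "signing certificate differs"

def print_certs(apk_path):
    """Run apksigner (Android SDK build-tools, assumed to be on PATH) on a real APK."""
    return subprocess.run(["apksigner", "verify", "--print-certs", apk_path],
                          capture_output=True, text=True, check=True).stdout

if __name__ == "__main__":
    print(check_update(INSTALLED_DEBUG, STORE_RELEASE))
```

On a real device, the installed APK can be located with `adb shell pm path <package>` and copied with `adb pull`, then both files passed through `print_certs` and compared with `check_update`.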