0

I'm trying to upgrade my app (developed with appinventor 1.0) on google play. I'm using the same keystore but I get the following message (sorry the ignorance, not sure it matters but for security I changed some of the keys below after SHA1:):

Upload failed
Your APK has been signed with multiple certificates. Please only sign it with one certificate and upload it again.
You uploaded an APK that is signed with a different certificate to your previous APKs. You must use the same certificate. Your existing APKs are signed with the certificate(s) with fingerprint(s):
[ SHA1: A6:D5:E5:66:34:84:B5:31:8E:8F:79:D7:2A:38:B1:54:5E:29:27:22 ]

and the certificate(s) used to sign the APK you uploaded have fingerprint(s):

[ SHA1: A6:D5:E5:66:34:84:B5:31:8E:8F:79:D7:2A:38:B1:54:5E:29:27:22,
SHA1: 0D:28:AC:88:7C:D8:FD:0C:BA:A7:46:BC:70:7E:EA:37:9F:A1:CC:84 ]

I am using jarsigner and zipalign afterwards. The first part of the SHA1 is reproduced exactly, but there is an extra SHA1 after a comma.

Any clue ?

miketreacy
  • 1,120
  • 1
  • 11
  • 17
an mo
  • 1

2 Answers2

0

Probably you are using the same keystore, but not the same certificate. To update your application you need to use the exactly same configuration (keystore and certificate) you used to submit it.

Sandro Machado
  • 9,921
  • 4
  • 36
  • 57
  • thanks. I am using exactly the same commands I used previously! Any idea how I make sure I use the same certificate? – an mo Dec 28 '15 at 10:48
  • sure 4) SIGN CERTIFICATE jarsigner -verbose -keystore an.mo.keystore KM123.apk an.mo 5) ZIPALIGN ~/android-sdk-macosx/tools/zipalign -v 4 KM123.apk release.apk – an mo Dec 28 '15 at 11:34
  • I also tried a more detailed signing, with sigalg and digestalg like this, but I got the same outcome $ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name – an mo Dec 28 '15 at 11:36
  • Looks like you are missing some steps, follow this tutorial: http://developer.android.com/tools/publishing/app-signing.html#signing-manually – Sandro Machado Dec 28 '15 at 11:46
  • Thanks for checking. I am following exactly that tutorial. Step 1 is the generation of the private key which I have done 3 years ago and I believe I am not supposed to change. Step 2 is the generation of the unsigned app, which I did. I also verified the signature (step 4 in the tutorial). Everything else is the same. – an mo Dec 28 '15 at 11:54
0

My guess is that there is another signature present in your apk. Rename .apk file to .zip and remove any signatures present. Then rename back and do jarsign and zipalign.

Rediska
  • 1,392
  • 10
  • 14