My app is telling users its not signed correctly...any idea what I need to do to make sure its signed?
The play store accepts it but users get an error trying to install - but my nexus device installs it just fine...
https://play.google.com/store/apps/details?id=com.sigmasolutions.knightclock&hl=en
I use the following to sign and create a release version... Is there something wrong...
Also, I haven't update java in a while since forum members seem to sticking with earlier versions to avoid issues...
copy glbasic-release-unsigned.apk glbasic-debug.zip
pause
"C:\Program Files\7-Zip\7z.exe" d glbasic-debug.zip META-INF\manifest.mf META-INF\CERT.SF META-INF\CERT.RSA
pause
copy glbasic-debug.zip glbasic-debug.apk
"C:\Program Files\Java\jdk1.7.0_04\bin\keytool.exe" -genkey -alias kwapps.keystore -sigalg MD5withRSA -keyalg RSA -validity 20000 -keystore kwapps.keystore
"C:\Program Files\Java\jdk1.7.0_04\bin\jarsigner.exe" -verbose -keystore kwapps.keystore -signedjar glbasic-signed.apk glbasic-debug.apk kwapps.keystore
"C:\Program Files\Android\android-sdk\tools\zipalign.exe " -v 4 glbasic-signed.apk glbasic-release.apk
Can anyone offer any help here.... :noggin:
I'll see what happens on mine...
Really appreciate it...Thanks!
My mobile phone states that it hasn't be signed properly, unfortunately... The same with my tablet.
If you are using the newer version of Java, you will have to use the new signing system I posted a while ago, as Sun changed a few things...
If you aren't then it sounds like bits of the meta files aren't being replaced
try without MD5withRSA algorithm
It is needed with the latest version of Java unfortunately
:(
try -keysize 2048
The latest key signing system is this :
erase "%1.zip" /Q
erase "%1_signed.apk" /Q
erase "%1_unsigned.apk" /Q
erase "%1_release.apk" /Q
copy "%1.apk" "%1.zip"
"C:\Program Files\7-Zip\7z.exe" d "%1.zip" META-INF\manifest.mf META-INF\CERT.SF META-INF\CERT.RSA
copy "%1.zip" "%1_unsigned.apk"
keytool -genkey -alias keys/mykey.keystore -validity 20000 -sigalg MD5withRSA -keyalg RSA -keysize 1024 -keystore keys/mykey.keystore
jarsigner -verbose -keystore keys/mykey.keystore -sigalg MD5withRSA -digestalg SHA1 -signedjar "%1_signed.apk" "%1_unsigned.apk" keys/mykey.keystore
zipalign -v 4 "%1_signed.apk" "%1_release.apk"
move "%1_release.apk" "Release/%1_release.apk"
@echo "Finished"
pause
im still uses that one from slb_code_sign.bat, which have works fine here. The main issue in the sign file here, is the 7z.exe, which is not standard to have that....
I use 7z has I couldn't get WinRar to delete files from the compressed package...
Just a little question..
Do we need to use the latest version of the JDK? O_O
I dont think so - V1.6 should be fine
:good:
So, should i modify my bat file or update my java?
I will try the keysize thing too...
Im using
(build 1.7.0_21-b11)
Should I change my bat file then?
Using GLbasic Beta V11, you should use the Java SDK 1.7.x.
My original key sign batch file works fine for me.
Quote from: Kitty Hello on 2013-Oct-30
Using GLbasic Beta V11, you should use the Java SDK 1.7.x.
My original key sign batch file works fine for me.
Do you have a link to the key signing batch file???
This contains all the information you should need : http://www.glbasic.com/forum/index.php?topic=6169.0
It has both the pre 1.7 and post 1.7 changes...
Stupid question - How do you know if you're app is signed or not?
What happens is that Android will complain about the APK not being signed correctly during/before the installation process.
My "glbasic-debug.apk"s install fine on the OUYA - I presume that means it's signed correctly then?
GLB creates 3 .APK files -
- glbasic-debag.apk
- glbasic-debug-unaligned.apk
- glbasic-release-unsigned.apk
Which one is actually the right one to use on a device? The first debug one works fine, but what are the differences?
You should sign the glbasic-release-unsigned.apk - I presume the others have all the debug information in, whilst the release file doesn't.
You should be able to install the debug versions on an Android device (if the "allow unknown sources is checked") as I believe they use a test signing code - however, you cant upload them to the Play Market until the signing files have been replaced - but then you'll have all the debug stuff left...
Yeah when creating your game the debug is best to test the game on your device fast, cause it dont need signing etc. But when you release your game you need to sign the release version and publish this, not the debug.
Yeah, I knew that only signed .apks will be accepted on stores, but I wondered what the difference was between the three .APKs that GLB produced.
Is there a reason why GLB doesn't sign .APKs automatically? Can it be made to do so?
It would be a good idea really.
+1 :good:
+1 :good:
its due you need to insert the password every time to sign it, that why its cant been signed automatic. Its would simply got stuck under compiling, because the IDE dont show any input from them.
Also im have never liked the auto install with adb automatic too, which is why im removed that part in the SDK UPGRADE version (its very often stuck, without could see any reason, due its never outputted the screen from adb). the newer adb also sovled the many unstable hell im had with SDK 2.2. So personly im will not return to the default SDK glbasic using anymore.
Howover instead, im could promide the command to been used to install as well signing the apk to easier it (a copy & paste to the commando prompth). Im did that with install, but im can look doing the same with apk signing as the last step.
Why can't a password be stored as a parameter in the editor? The name of the app and other details are.
Its could, but its in a very unsecure text form format, so its not recommered to do that at all. So im wont add things like that to ANDROIDEXTRAS, even im could do that very easy. Its simply a security reasons not to do that. So its must to been done manually, so its not possible when glbasic IDE not shown anything (if its did, its would not have issue doing it at all).
But im have no problems to show the command used to semi auto sign it by just invoke the command. That is something im will look in this weekend to the ANDROID SDK upgrade (glb_build.bat).
EDIT SUCH LIKE THIS (using SDK 4 upgrade):
@ECHO OFF
ECHO running Android build-script...
:: install Android SDK, Android NDK
:: install JDK
set HERE=%~dp0
set ANDROIDSDK=%HERE%..\android-sdk-windows
:: set JAVA_HOME=C:\Program Files (x86)\Java\jdk1.6.0_24
set PATH=%JAVA_HOME%\bin;%PATH%
ECHO .
ECHO BUILD STAGE 1: Create Icons for various size
AndroidIcons.exe "|%GLB_PROJ_PATH%|"
ECHO BUILD STAGE 2: Start compiler (android.bat)
ECHO %ANDROIDSDK%
call "%ANDROIDSDK%\tools\android.bat" update project --name "glbasic" --path "%GLB_PROJ_PATH%" --target "android-16" --subprojects
cd /D "%GLB_PROJ_PATH%"
ECHO .
ECHO BUILD STAGE 3: Build a debug build
call "%ANDROIDSDK%\tools\ant\bin\ant.bat" debug -q
ECHO .
ECHO BUILD STAGE 4: Build a release build
set _JAVA_OPTIONS=-Xms256m -Xmx512m
call "%ANDROIDSDK%\tools\ant\bin\ant.bat" release -q
ECHO .
ECHO HOW TO INSTALL? Install by invoke this command:
ECHO "%ANDROIDSDK%\platform-tools\adb.exe" install -r "%GLB_PROJ_PATH%/bin/glbasic-debug.apk"
ECHO .
ECHO HOW TO SIGN? Sign it by invoke this command:
ECHO "%HERE%glb_code_sign.bat" "%GLB_PROJ_PATH%"
ECHO .
in glb_build.bat. That should easier the signing when you known the command to been used....
Since GLB creates 3 files, its a bit slow. Maybe it would be faster if only one file would be created. Would it be possible to only create the debug version if debug mode is selected and create the release version if release is selected?
Alternatively after we selected a dialog could open and ask what version we want to create - this dialog could also be used to ask for the signing pass word and maybe even if we want to install on device directly.
yes actuelly, when enable debug version in IDE, glb_build_debug.bat could been started. if its disabled, glb_build.bat could been started....
Also if could done that way then the release version could automatic start the bat file, but should shown the commando prompt window. If it could do that, then the glb_code_sign.bat could started automatic in the release version.
Its a nice idea for the IDE dosnt use that feature anyway, so its could been a nice uses here.
PS. asking dialog would been very annoying very fast, so its better doing alternative way, but abusing debug feature could been good.
I've UPLOADED a new version it with the altered signing script ... would appreciate someone trying to install to see if my Signing issue is resolved...BTW the app is free.
https://play.google.com/store/apps/details?id=com.sigmasolutions.knightclock&hl=en
just gave a try from the play store on my note II.
On installation, I get this error:
PACKAGE FILE WAS NOT SIGNED CORRECTLY
Are you using the latest Java SDK ?
No, should I allow newest version?
GLB v12 needs Java SDK 7.x, and you will need to use the new signing method as shown by MrTAToad on the first page. You can add -storepass yourkeypasswordhere parameter to the jarsigner line too if you don't want to have to keep entering the keystore password each time you sign an app ;)
I'm a bit behind on things...GLB v12 !! I only have 11.414 installed...
Where do I get v12? I will look on the forum to see if there is a download...
http://www.glbasic.com/forum/index.php?topic=8544.0
Quote from: Moru on 2013-Nov-18
http://www.glbasic.com/forum/index.php?topic=8544.0
thanks Moru but i seem to get a network error trying to get the exe is there another download spot?
Also, might seem a dumb question but I updated my java do I need a specific new version of the jdk as well or is my jdk1.7.0_04 okay?
I use _40, but _04 should be fine.
Unfortunately there isn't another download spot...
Quote from: MrTAToad on 2013-Nov-18
I use _40, but _04 should be fine.
Unfortunately there isn't another download spot...
Got my .exe download working after disabling my virus checker...?!
Going to upload my latest signed version and should be vers 2.2 now...
Please try now...
https://play.google.com/store/apps/details?id=com.sigmasolutions.knightclock&hl=en
Installs and runs fine!
However, there is no font loaded for the options text, so you just get black rectanges
Works fine on android now.
One critic, the smaller thinner fonts are too hard to read, what about bigger and bolder? That way people can read from the phone screen at distance.
EDIT: Mr. Tatoad is right, clicl on MODE / TIME and I get no fonts just like his screen shot.
Great! Thanks lads, I will look into font issue think it is due to alpha mode settings.