I understand that an APK can be signed multiple times using jarsigner. Also, all updates should be signed with the same key. Assume an APK was signed with three certificates, is it a hard requirement that all updates MUST be signed with all three certificates? Or, is it okay with PackageManager if an update is signed with just one of the three certificates?
Asked
Active
Viewed 109 times
1
-
try it out, create an unsigned apk, sign it three times, zipalign it, and install on device via `adb install nameo.apk`. Then bump the versioncode in the manifest. create another unsigned apk, sign that three times, and zipalign it. Then install via `adb install -r nameo.apk` – petey Sep 03 '15 at 19:44
1 Answers
0
PackageManager checks to ensure that all updates are signed with the same key(s).
adb install -r 1380 KB/s (1107561 bytes in 0.783s) pkg: /data/local/tmp/app-release-unsigned.apk Failure [INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES]
I created two keystores Signed version 1 with just one keystore
Bumped up the version to 2
Signed the APK with two keys
At install time, Android gave the above error
Also, Google Play does not allow uploading APKs that are signed with more than one key.
Sai
- 2,089
- 3
- 19
- 30