SHA certificate firebase Debug/Release

Question

My android app is using firebase realtime Database, i've putted the app debug SHA certificate fingerprints , and when I test my app with debug mode it works and I get data from DB , now when I want to sign and release the app , " what i've done with my previous app : I delete the debug SHA certificate fingerprint from firebase project console and then I put the release SHA certificate fingerprint and the app is on the market now and it's OK" but I want to know :

Q1)when I deleted the debug SHA certificate fingerprint with the release one , it will still work when I run my app in debug mode ?

Q2) should i put debug and release SHA certificate fingerprint in the firebase console ?

Q3) If i put debug and release SHA certificate fingerprint in the firebase console then download the new configuration file provided from firebase , my database connexion will still work either on release and debug mode ?

Alex Mamo · Accepted Answer · 2020-01-17T08:43:40.237

15

Here are the answer to your questions.

It will work only if you still have the debug SHA certificate fingerprint for debug mode. Otherwise, it won't work.
Yes, you should put in your Firebase Console, both debug and release SHA certificate fingerprints.
Yes indeed, if you put the debug and release SHA certificate fingerprint in the Firebase Console and if you download the google-services.json file again and put it in the right place in your project, your database connection will still work either on release and debug mode.

edited Jan 17 '20 at 08:43

answered Nov 17 '17 at 17:40

Alex Mamo

130,605
17
163
193

So if i will add debug and release SHA certificate fingerprint in the Firebase Console i have to just download one google-services.json and put it in app folder , no other configuration needed ? no change in buildType ? – Repiut Nov 18 '17 at 07:40
Yes, that's correct and when you want to launch the release variant, you only need to change the `Build Variant` from debug to release . – Alex Mamo Nov 18 '17 at 07:45
have you an idea how firebase can choose betwwen the two SHA certificate fingerprint in the Firebase Console , cause they are in the same google-services.json file and we didn't specify which one for debug and which one for release ? – Repiut Nov 18 '17 at 07:55
But not Firebase is choosing. When you are using debug mode, it means that only you can use it. The release version is needed for Google Play Store. This means that you tell Google Play Store that you are not in debugging mode anymore and you want that app to be public. It's not anymore only for debug purposes. – Alex Mamo Nov 18 '17 at 08:01
1

A fourth key will be needed if you intend on using internal app sharing: https://stackoverflow.com/a/62763633/1702810 – Stephan Jul 06 '20 at 20:04

Rahul Devanavar · Answer 2 · 2021-08-06T10:48:17.523

1

You have to create two separate projects for Debug and Release in firebase console.

Put the respective SHA key in those project.
You have two different google-services.json file.

Now you have to create two bulidType in the app build.gradle file. Ex.

buildType{
    release{
   //define your keys here 
    }
    
    debug{
   //define your keys here 
   
    }

}

In projects src create two folders called debug and release

project-->src-->create folder debug and release

put your google-services.json file in the respective folder

Gradle will automatically pick your account based on build type.

edited Aug 06 '21 at 10:48

answered Nov 17 '17 at 11:15

Rahul Devanavar

3,917
4
32
61

i should duplicate the project in firebase console ? there is not another solution ? – Repiut Nov 17 '17 at 16:28
It not duplicate. It's good practice to maintain sparate project for development and release – Rahul Devanavar Nov 17 '17 at 19:33
When I try to put my debug key to firebase it shows me that "Your Operation is Forbidden." Any idea? – Pranjal Choladhara May 21 '18 at 00:05
can you share the log – Rahul Devanavar May 21 '18 at 05:27

zehawk · Answer 3 · 2022-10-21T22:23:49.633

After reading through dozens of resources and help, etc, I found that answers quickly get outdated due to Gooogle's incessant need to keep changing the methods and UI. And Google itself does a poor job of showing 1 simple method to achieve something, instead of multiple alternates, which just end up adding confusion.

Certificate is required not just for database (as the OP asked), but also for Google signin, etc.

So for all such cases here are the steps current as of Oct 2022. Note that there are 3 different keys, depending on what one wants to achieve:

A. Debug key

B. Release key

C. App signing key

First generate A. debug key from Android Studio using various methods. 2 are listed here: https://developers.google.com/android/guides/client-auth - via keytool and via Gradle signing report. I've found that the Gradle signing report is easy to use for getting the SHA1 key.

Add this debug key to Firebase Console when setting up the app for the 1st time. Else enter this key under existing app settings: Firebase | < project > | Project settings | Your apps | Android app | SDK setup and configuration | Add fingerprint.

Download the google services json and plug it into Android Studio. Test your app (debug version) in the emulator, and it should work fine since the debug key has been set in Firebase and in the google services json.
Now for production app, ie release version - use B or C.

B. Release key: Use the keytool command to generate the SHA1 key from the release / upload keystore in Android Studio. Add the key to Firebase Console under the same app using "Add fingerprint". Download the google services json again and plug it into Android Studio. Generate a release APK and test that on a local device etc - this should also work fine since the release key has been set in Firebase and in the google services json.

Finding the keytool path itself leads down another rabbit hole. One might see these resources: What’s keytool, why can’t it be found, and why does Firebase even want a “SHA-1”? and 'keytool' is not recognized as an internal or external command.

C. App signing key: Create (or locate) your publisher account on Google Play Console. Create (or locate) the app and set it up for Google Play signing, which is anyway the default since Aug 2021. Under Release | Setup | App integrity | Play App Signing | App signing key certificate - copy the "SHA-1 certificate fingerprint".

Add the key to Firebase Console under the same app using "Add fingerprint". Download the google services json again and plug it into Android Studio. Generate an App bundle. If this is the 1st time the app will be published on Play store, then I suggest releasing under "Internal testing" track first to test it live across multiple devices.

SHA certificate firebase Debug/Release

3 Answers3

Linked