Android Tutorial Signing your application before uploading to Google Play

The result of compiling your application is an APK file. This is a package file that contains the compiled source code and the assets files.
The APK file must be signed before installation. Signing the file means that it is not possible to later modify it without the private key that was used to sign the file.
Android devices will not install an unsigned APK file.

Basic4android uses a default "debug key" to sign applications. This key is fine during debugging. However Android market doesn't accept APK files signed with this key.
You need to create your own private key.
Fortunately it is pretty simple to create such key.
Choose Tools - Private Sign Key

This dialog allows you to create a new key, load an existing one or to use the debug key.
Keys are stored in a keystore file.
It is not possible to access such a file without its password.

Once you created a new keystore file, Basic4android will use this key for all your projects.
You should be very careful with this file. If this file gets lost you will not be able to update your applications in the market. You will need to publish updates as new applications.
It is impossible to recreate a lost keystore file.
Therefore it is recommended to backup this file.

In the IDE, when you reinstall an application and use a different key, you will see this message:

Pressing yes will uninstall the previous application and install the new one.

 

[Erel]

You should first select the file. This is the file that will be created.

 

[t0mt0m]

What a File i dont understand you. Where can i find the keystore file

 

[Erel]

You are creating a new file. You should choose its path and name.

The new file will store the key.

 

[t0mt0m]

https://www.dropbox.com/s/5nw552acrrj7me9/1.png

This is my Problem

 

[Erel]

Press on the Browse button and choose the path and name of the key file that you want.

 

[t0mt0m]

https://www.dropbox.com/s/qkg5en2aknxf5th/2.png

Another Problem

 

[Erel]

You cannot overwrite an existing file. Choose a new one.

 

[t0mt0m]

Now i understand!!! Thanks for Help

 

[jalle007]

After I signed and publish my 1st app to google market
I am trying to make another app.

Now B4A prompt me for :

Basic4android
---------------------------
An existing application is installed with a different certificate.

Do you want to uninstall the previous application?
---------------------------
Yes No Cancel

How can I continue with 2nd app using my new * or debug key and leave the previous one ( which is actually located in my 1st app dir) ?

 

[Erel]

The key can be located in the folder of another app (make sure that it is not under Objects folder).

 

[jcredk]

Hi all,

I am a licenced B4A user trying to publish my 1st app to the market but it's still not OK.

What I did:

1. My app (a "hello wolrd widget") is working fine on my connected device with debug/release/release obfuscated.
2. I created a new keystore file within the application directory. (Re-opening it show a me key in the lower (readonly) part.
3. I try to upload the apk (release obfuscated) in Google console and get the following error:

"
traitement en cours...
Importation en cours… E39Clock.apk
Échec de l'importation.
Vous avez importé un fichier APK dont le certificat n'est pas encore valide. Vous devez créer un fichier APK avec un certificat en cours de validité. En savoir plus sur les signatures de certificats
Importer un autre fichier APK
"​

In english, it basically means that import is cancelled as my APK certificate is not yet valid ...!? Any help appreciated ?

Thanks,

Jo

 

[Erel]

Is the key file you created referenced when you open Tools - Private Sign Key?

 

[jcredk]

Yes it was. In fact the issue is solved:

As the error was saying is not yet valid ...
I was wondering if there was a time-zone issue (I am from France), so I tried again this morning without changing anything ... and it worked.

Erel, thanks a lot for your support. I will put the link in the appropriate discussion when the published app is effectively visible in store!

Thanks,

Jo

 

[Merlot2309]

Hello,

After the robbery of all my electronics, bought a new laptop, etc. I finally uploaded a new version of an app to Google Play.
Got the error that the key was different. It actually didn't sink in that I tried to upload the debug file, I guess.
After searching and thinking I realized that the key file must have been automatically replaced by the debug key from B4A.
Luckily I found my key file on an old laptop but had no idea what my password for the Private Sign key was.
The password is always visible, created almost 3 years ago, before I started using a Cloud and any app automatically picks up the same key file.

So I hope that it is helpful that you store this password in a safe place as well (got the correct password on my second attempt, yehhhhhhh).
Maybe it's possible to show a warning when a different key file is loaded automatically and maybe it's an idea to be able to hide the password.

Regards,
Helen

 

[Erel]

The debug key cannot overwrite the private key. Even if you create a new key it shouldn't overwrite the previous one.

 

[ThRuST]

Hello! I have not yet uploaded my new app to Google marketplace but will soon. Chfajardo problems makes me wonder if it's just a unlucky personal problem to restore his private sign key. Anyone else had problems to use the inbuildt key generator in B4A? I hope Erel see this to give his comments. I assume the same key should be used for all future apps published on Google play? so it is like a fingerprint. Is there good software to generate such a key? Anyone

 

[ThRuST]

Is it enough to generate one sign key to be used for all future projects, Grandmaster Erel

 

[Erel]

Anyone else had problems to use the inbuildt key generator in B4A?

There isn't any built-in key generator. The standard Java tools are used. You will not encounter any problem.

You should use a single key for all your projects.

 

[tofd]

Hi all,

I have create an App with B4A v1.8 and I have had no problem with Private Sign Key.
But today I have upgraded my B4A to the v3 and when I want to compile the same version of my App I have an error Private Sign Key signing.
In fact after to try the compiling, B4A erase my keystore and he say me the file is unfindable.
I have a copy of all files and after I try to compile with v1.8 it's OK, why with v3 I have problem?

 

[Erel]

Where are you saving the keystore file? Make sure that it is not inside Objects folder.