Saturday, December 28, 2013

Keep your App signing keys safe.

Today I tried to publish version 3 of Dream Noise but struck against a problem that I was not aware previously.

During the preparation of the apk for uploading to Google Play, I forgot the password for the signing. "OK, no big deal. I will just delete the old keystore and create a new one," I thought. Well, that went well until I upload the apk onto Google Play. As the version 3 of the Dream Noise was signed with a different key, Google detected that the difference and reject the submission.

I can see that this is the correct thing for Google to do. The signing of apk ensures that it can only be updated by the same people.

So the lesson learn for me is to keep a note of the password that I have used to create the keystore.

To recovery of this problem is to unpublish Dream Noise from Google Play, wait for it to be removed. Upload a new application on to it. That is the plan. Let see if it will work out like that.


This is a link on StackOverflow that addresses this problem. Take heed.

http://stackoverflow.com/questions/4843212/the-apk-must-be-signed-with-the-same-certificates-as-the-previous-version

No comments: