Android : How To Sign An APK With More Than One Certificate?
May 21, 2010How do I sign an APK with more than one certificate, so that I can do this when I publish to the Android Market...
View 1 RepliesHow do I sign an APK with more than one certificate, so that I can do this when I publish to the Android Market...
View 1 RepliesI have an application that I want to be able to use the userid: android:sharedUserId="android.uid.system", I need to sign the .apk file with the same certificate as the built in system applications, such as the 'Settings' application. I've located the keystore file in my build directory which is: cacerts.bks, and I have the password for this. What I seem to be missing in order to sign my .apk file is the alias fo the keystore. Does anyone know what the alias is? Or is there an easier way to do this that I'm missing.I know this not a standard thing to do, and is perhaps a hack, but I have a client requirement to meet.
View 2 Replies View RelatedReason is i have an apk which works as an installer. When the user installs and opens it, it prompts the user to install another apk (drm free) which was inside the installer apk. However, after signing and zipaligning both with APK Signer tool and Private keys i get this error when installing: an existing package by the same name with a conflicting signature is already installed
basically, both the apk (installer) and apk (theme) have the same package name. When the apk (theme) is installed, it should overwrite the apk (installer).
I think both the installer apk and theme apk should have the same certificates in order to overwrite each other, but i don't know how.
Anyone else experiencing this problem or know of a solution? I have a Digicert signed https certificate that is throwing an SSLException (Not trusted server certificate). This doesn't make any sense as Digicert is a recognized certificate authority. I can connect to my https url without a problem via IE, Firefox, and Safari so they appear to have no issue with the certificate. Here's the code I'm using. Very simple stuff......................
View 3 Replies View RelatedI do not have the keystore that I used when I first created the app and I am wondering if I can create a new certificate using the same details that I used to create the earlier certificate. I have the details available with me.If I do so and update the app using this certificate, will the users get an update notification on their device?
View 9 Replies View RelatedI had configure a Tomcat webserver with SSL and client autification. So I need a clienKey.p12 File to visit the site. If I import the key into Firefox, it works fine.
So I tried to develop a Client from "normal" Java. That works:
CODE:..........
Now I try to develope a Client into Android and I am getting crazy....
Here my two Android implementation:
CODE:...........
I always geht the following Exception:
CODE:................
But the key is the same that I use for the "normal" java Client and for the import into firefox. So the key is valid. But it is signed by me... I don't want to sign it by a commercial Company like verisign.
If I have an apk can I remove the current signing and some how resign it with a different .keystore file and still have the application install?
View 1 Replies View RelatedI'd like to be able to get the MD5 fingerprint of the certificate associated with my app (regardless of whether it's the debug cert or the release cert). You're probably aware that in order to get a Google Maps API key, you need to provide them with the certificate fingerprint of your app so that they can match the key with the fingerprint when you use it so as to ensure it's "really you". I've got a similar situation in which I'd like to make requests against a URL (my server) and would like to pass my app's fingerprint as part of the request. I've got no clue which classes I should be looking at.
View 10 Replies View RelatedIs there any way to create an X509 certificate on the android device?
View 5 Replies View RelatedI need to do is download some basic text-based and image files from a web server that has a self-signed SSL certificate. I have been trying to figure out how to use HttpClient to do this, but getting the SSL to work is a nightmare that seems to be way too much trouble for such a simple task. Is there a better way to perform these file downloads? Perhaps through a WebView or Browser feature? Reinventing the wheel of making a simple HTTPS GET request is a major pain, and is significantly holding up my development schedule.
View 3 Replies View RelatedI am receiving this exception, when I try to access a secure site in my App. I am using DefaultHttpClient & BasicHttpParams classes for Http communication..........................
View 16 Replies View RelatedMy application redirects its users to a known domain (secure.gate2shop.com) that its root certificate doesn't exist on Android devices. Normal PC browsers have no problem accessing the site, but Android browser displays to the user that the certificate is untrusted. I don't want that behavior, not even once, so I'm looking for a way to install this certificate on the device from my app.
View 2 Replies View Relatedkeytool -list -alias androiddebugkey -keystore ~/.android/debug.keystore. -storepass android -keypass android I'm not sure how I can sign my debugkey so that I can use Google Maps. I have verified in Eclipse that this is where my debugkey is stored.
View 1 Replies View RelatedI just published my first application to the market and the "Just in" display show my icon and app name, but under the app name is shows my birth certificate name! How can I change this? Is it something I am missing in my manifest? I'm sure my mom would it; but me -- not so much.
View 11 Replies View RelatedMy debug.keystore certificate has expired. Does anyone know how to force Android to regenerate either certificate or the whole directory under
View 2 Replies View RelatedI want to connect to a server using ssl/https connection. During handshake between client and the server, I want to have server certificate authentication as well as client certificate authentication. The server certificate authentication is successful. But I don't know how to send client certificate to server for authentication, during the handshake.
View 4 Replies View RelatedI access asp.net web service..! My web service name is "https://192.168.1.2/Sample/service.asmx" But it will show the following Exception "javax.net.ssl.SSLException: Not trusted server certificate" This is my code...............
View 7 Replies View RelatedI want to use HttpPost over https/ssl. I get 'Not trusted server certificate' error. I've found a lot of posts, seems that many people have similar problems and I've found two suggestions: 1) Change server's certificate. Current certificate is self-signed as localhost.localdomain. Unfortunetly it's not my server and I cannot change the certificate. 2) Use HttpsUrlConnection instead of HttpClient. But I cannot use it because sometimes (when response's code is 401 or 403) I got IOException during getting response code or reading inputstream.
So I've found 3rd solution - use httpclient, when system throws excetpion 'not trusted server certificate' than display warning, inform user that certificate is not trusted and ask if he wants to add this one to the keystore (webbrowser works this way). But I've no idea how to get certificate from the server and add to keystore.
I've posted this on Android Security as well, but that group does not appear to have as much activity. Actually I guess my question belongs in this group anyway, even though it touches on some of the security aspects of android packages. My goal is to access the certificate that was used to sign the apk package; and ordinarily, I would do that from inside the program like this
Certificates[] signingCertificates = getClass().getProtectionDomain().getCodeSource().getCertificates();
Unfortunately it appears that getProtectionDomain() returns null on android - according to the specs
http://developer.android.com/reference/java/lang/Class.html#getProtec...
This method might return null (to converse space?) but only for system classes. Since I'm calling this from one of my own classes, I would expect to get a non-null value, but unfortunately not. I have tried from the emulator, and from an application deployed on my phone using adb through a USB cable. I'm using the latest SDK (2.2) and targeting android 1.6. So I guess I have two questions, the first being: why does getProtectionDomain return null, and have anyone had any success using this method from inside an android application. And the second: Is there some other way to access the certificate that a given apk package was signed with (I can live with the restriction that only a given package can know its own certificate).
I have been trying to use httpclient to post data on https (secure). I have searched all forums of android but I could not find any solution that works with httpclient on https. I have seen some solutions using HttpsURLConnection. and SSLContext. I would like to go with httpclient not URLConnection as I require to manage cookies and al. I am looking for your exert advice on above matter..............
View 3 Replies View RelatedWhen I open the browser on my n1 the default page is Google.com. I get an certificate error saying the one I am having is not dated correctly. What to do?
View 4 Replies View RelatedI am using eclipse android plugins to build a project, But i am getting this error in the console window:
[2010-02-03 10:31:14 - androidVNC]Error generating final archive: Debug certificate expired on 1/30/10 2:35 PM!
I'm writing an Android app that requires SSL client authentication. I know how to create a JKS keystore for a desktop Java application, but Android only supports the BKS format. Every way I've tried to create the keystore results in the following error:
handling exception: javax.net.ssl.SSLHandshakeException: null cert chain
So it looks like the client is never sending a proper certificate chain, probably because I'm not creating the keystore properly. I'm unable to enable SSL debugging like I can on the dekstop, so that's making this much more difficult than it should be.
For reference the following is the command that IS working to create a BKS truststore:
keytool -importcert -v -trustcacerts -file "cacert.pem" -alias ca -keystore "mySrvTruststore.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "bcprov-jdk16-145.jar" -storetype BKS -storepass testtest
Here is the command I've tried that is NOT working to create a BKS client keystore:
CODE:.........................
I'm having some issues getting a certificate to install for my wireless network. I have the cert on the root of the SDcard I set the credential storage password in the security settings. And I try to install the certificate and ti says the password is not correct.
View 2 Replies View RelatedI am having trouble installing a CA certificate on my Desire which I need to get access to my company's IPSec VPN.I understand the proper way to do this is to pack user certificate, user key and CA certificate into a single PKCS12 file, put it on the SD card and use the built-in certificate installation tool to unpack and install the certificates.I have my user cert and key packed into a single PEM file and the CA in a separate CRT file.However, when installing the p12 file on the Desire from the SD card, it only installs the user cert and key, ignoring the CA certificate. Thus, I can't set up an IPSec VPN.I also tried putting the CA crt file on a web site and installing it using the browser, but the browser thinks is is a user certificate rather than a CA cert and installs it as such. Is this a bug, or am I doing something wrong? Did anyone even manage to get this to work? Any suggestions would be much appreciated. I already mailed HTC support a few days ago, but didn't get an answer do far.
View 3 Replies View RelatedI'm currently trying to write a basic program that can parse json code which is generated by a php file saved on a server. The server is a HTTPS sever and I'm getting the following error.
I know where to get the ssl certificate for the server but even with it installed on my machine (on which i test the code on an emulator) , I still get the following error:
javax.net.ssl.sslexception: not trusted server certificate
Is there any way I can get the app to trust the sever specifically or get the app to trust all servers regardless of certificates.
Does anyone know if one of the custom roms support self signed certificates when attempting to sync with an exchange server?
I can sync with RoadSync, and with Touchdown, however thier interfaces kinda suck! (they don't populate the stock interface. ie: calendar, contacts, or mail) not only that, but they cost $!
I have read everything I could find on the web, I have talked till I was blue in the face to sprint. (sorry maybe that's why I'm so grumpy this AM. they don't know much of anything other than how to apologize for not knowing much of anything!)
I run a small business server (2003) with exchange 2003 integrated. By default, when installing, my exchange server is assigned a ".local" extention. Installation errors out all over the place if you try to use a ".com or net" etc. so even though I can add a public email domain to exchange ie: "mydomain.net", exchange still presents a certificate with the ".local" extension. Android dosen't give me an error log to confirm my suspicions; however when installing "roadsync" I get an un-trusted certificate warning AND the option to accept it. (similar with "Touchdown")
I just got my new HTC Magic ?Maybe a very cool phone? I have a serious problem that I hope someone can help me with or maybe lead me in some direction. I want to sync with my companies Exchange server (exchange 2007) but every time I try I get this error message: ?Error: failed to create account. Please try again later? any ideas? I have been searching the web for a week now ? but no luck. Maybe the problem is related to a certificate problem since we are using a self-signed root certificate and I am not able to import it (like on a Iphone or MS WinMoblie) Maybe someone knows how to import a root-certificate?
View 2 Replies View RelatedI'm a new user of Desire. I was happy to receive the phone but there is something I can not do I want to access my Exchange server with Active Sync, but I have apparently to import a certificate from my IT service on the device. The certificates are .cer or .p7b Is there a way to import those certificates on the Desire?
View 3 Replies View RelatedI'm writing this after I just previewed my post. I obviously don't know how to post pictures. What file hosting sites are you guys using to share pictures?
I don't know why these links are not coming up below. The HTML tags are IMG and /IMG which look right to me. [URL]
Oh, well. I don't know why it won't embed but at least the links are live so you can click on them to see what my original post is talking about.
I recently installed and started using Google Tracks and Google Earth last night and now, this morning, I can't do a Google search in the search bar widget or in Chrome url field. Here are some of the results I have been getting after trying. How do I correct things so that I can continue searching as normal?