"包没有签署正确"出现对某些用户 [英] "Package not signed correctly" appearing for some users
问题描述
我对谷歌的应用程序,玩了几年,已经看到了无数的更新。最新更新的(第一个在一段时间)安装失败对某些人来说,他们只是得到了包没有签署正确的错误消息。
I have an app on Google Play for years that has seen countless updates. The latest update (the first one in a while) fails to install for some people, they simply get the "Package not signed correctly" error message.
它为我的Android设备我在家里。我建立并签署了自定义生成系统,基本上可以归结为叫蚂蚁发布,然后按
It works for my Android devices I have at home. I'm building and signing with a custom build system that basically boils down to calling ant release, followed by
jarsigner -verbose -keystore $(keystore) -storepass $(storepass) $(appname).apk $(alias)
zipalign -v 4 $(appname).apk $(finalname).apk
这已经工作了多年,没有更改版本系统或密钥库,我不知道为什么它停止工作的部分的用户。
That has worked for years, there were no changes to the build system or keystore, I don't know why it stopped working for some users.
我注意到文档增加了以下注意事项:
I noticed that the documentation added the following caution:
从JDK 7中,默认签名algorithim(原文如此)发生了变化,需要你 指定签名和消化algorithims [原文](-sigalg和 -digestalg)当你签署一个APK。
As of JDK 7, the default signing algorithim [sic] has changed, requiring you to specify the signature and digest algorithims [sic] (-sigalg and -digestalg) when you sign an APK.
所以我添加 -sigalg带DSA的SHA1 -digestalg SHA1 ,其产生的APK具有不同的尺寸。我可以尝试滚动了这一点,但我不希望继续推动了更新,并惹恼用户不知道我其实是固定的东西。
So I added -sigalg SHA1withDSA -digestalg SHA1, which produces an APK with a different size. I can try rolling that out, but I don't want to keep pushing out updates and annoy the users without knowing that I'm actually fixing something.
为什么对某些人来说,这不仅达不到?如何解决呢?被明确指定-sigalg / -digestalg就够了吗?
Why does this only fail for some people? How do I fix it? Is explicitly specifying -sigalg/-digestalg enough?
推荐答案
现在的问题是一样的,你说,大约JDK7。为了克服,有许多在同一主题的讨论
The problem is same as you said about jdk7. To overcome that there are lot of discussions over the same topic
加试试这个
<presetdef name="signjar">
<signjar sigalg="MD5withRSA" digestalg="SHA1" />
</presetdef>
在你的的build.xml 文件
注意
现在的问题是建立一个发布版本后, 蚂蚁发布 将APK无法在物理设备安装
The problem is after building a release version with ant release the apk could not be installed on physical device
这只能发生在JDK 7使用JDK 25年6月1日一切都很好!
This only happens with JDK 7 with JDK 1.6.25 all is fine!
这只会影响一小部分,因为的jarsign JDK7需要SHA1摘要algm,但不使用默认的算法,不管他们。所以设备与其他算法为默认将拒绝这一点,并导致该问题。
It affects only a small percentage because for jarsign jdk7 need SHA1 digest algm, but not with the default algorithms, whatever they are. So device with some other algorithms as default will reject this and cause the problem.
的下面使用的算法
在默认情况下,签名的jarsigner使用下列之一的JAR文件:
By default, jarsigner signs a JAR file using one of the following:
DSA (Digital Signature Algorithm) with the SHA1 digest algorithm
RSA algorithm with the SHA256 digest algorithm.
EC (Elliptic Curve) cryptography algorithm with the SHA256 with ECDSA (Elliptic Curve Digital Signature Algorithm).
有关更多 JAR签名
这篇关于&QUOT;包没有签署正确&QUOT;出现对某些用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
