如何启用Google Play应用签名 [英] How to enable Google Play App Signing
问题描述
我认为很多开发人员正试图详细了解Google I / O 2017上展示的新版Google Play App Signing功能。
keystore在Google Play中对应用程序进行签名,节省您安全存储密钥存储的成本,并且可以帮助系统根据硬件和操作系统特性优化为每台设备提供的APK。
您可以在以下官方文档中阅读有关此主题的更多信息:
接受App签署TOS。
第1步:下载PEPK工具点击与下图完全相同的按钮
<第2步:打开一个终端并输入:
$ b
java -jar PATH_TO_PEPK --keystore = PATH_TO_KEYSTORE
--alias = ALIAS_YOU_USE_TO_SIGN_APK --output = PATH_TO_OUTPUT_FILE --encryptionkey = GOOGLE_ENCRYPTION_KEY
传说:
- PATH_TO_PEPK =您在第1步中下载的pepk.jar的路径,可能类似于
C:\Users\YourName\Downloads\pepk.jar
for Windows users。 - PATH_TO_KEYSTORE =您用于签署APK版本的密钥库路径。可能是* .keystore或* .jks类型的文件,或者没有扩展名。像
C:\Android\mykeystore
或C:\Android\mykeystore.keystore
等等。 。 - ALIAS_YOU_USE_TO_SIGN_APK =您用于签署发行版APK的别名的名称。 / em> =扩展名为.pem的输出文件的路径,类似于
C:\Android\private_key.pem
- GOOGLE_ENCRYPTION_KEY =此加密密钥应始终保持不变。您可以在应用程序签名页面找到它,并将其复制并粘贴。应该采用以下格式:
eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a
示例:
java -jarC:\Users\YourName\Downloads\pepk.jar--keystore =C:\Android\ mykeystore
--alias = myalias --output = C:\Android\private_key.pem --encryptionkey = eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a
按Enter键,您需要按顺序提供:
- 密钥存储密码
- 别名密码
如果一切正常,您现在将在PATH_TO_OUTPUT_FILE文件夹中有一个名为 private_key.pem
。
第3步:上传private_key.pem文件,点击bu tton与下图完全相同
第4步:使用Android Studio创建新的密钥库文件。 $ b
您将需要此KEYSTORE在未来签署
您的应用程序的未来发行版,请勿忘记密码
打开一个Android项目(随机选择一个)。转到 Build - > 生成签名APK ,然后按创建新的。
a href =https://i.stack.imgur.com/O9okH.png =noreferrer>现在您应该填写必填字段。
$ b
密钥存储路径代表您要创建的新密钥库,使用右侧的3个点图标选择一个文件夹和一个名称,我选择
C:\Android\upload_key.jks
(将自动添加.jks扩展名)
注意:I使用
upload
作为新的别名,但如果您以前使用了具有不同别名的相同密钥库来签署不同的应用程序,则应该选择以前在原始密钥库中的相同别名。
完成后按OK,现在您将拥有一个新的 upload_key.jks
密钥库。您可以立即关闭Android Studio。
第5步:我们需要从新创建的 upload_key中提取上传证书.jks
密钥库。
打开终端并键入:
keytool -export -rfc -keystore UPLOAD_KEYSTORE_PATH -alias UPLOAD_KEYSTORE_ALIAS
-file PATH_TO_OUTPUT_FILE
图例:
C:\Android\upload_key.jks
。
upload
。
C:\Android\upload_key_public_certificate.pem
。
示例:
$ b
keytool -export -rfc -keystoreC:\Android\upload_key.jks-alias upload -fileC: \Android\upload_key_public_certificate.pem
按Enter键,您将需要提供密钥存储密码。
现在如果一切正常,您将在文件夹PATH_TO_OUTPUT_FILE中有一个文件,名为 upload_key_public_certificate.pem
。
第6步:上传 upload_key_public_certificate.pem
文件,点击与下图完全相同的按钮
第7步 ENROLL 按钮在应用程序签名页面的末尾。
现在每个新版APK都必须使用
upload_key.jks
在第4步中创建的密钥库和别名,然后上传到Google Play Developer控制台。 更多资源:
答:在构建APK版本时,选中两个签名(V1和V2)签名APK。阅读此处获取更多详情。
I think a lot of developers are trying to learn more about the new Google Play App Signing feature presented at Google I/O 2017.
The ability to store the keystore to sign the apps inside Google Play save you the effort to safely store the keystore and can help the system to optimize the APKs served to every device, based on hardware and OS characteristics.
You can read more about this topic in the official documentation here : https://developer.android.com/studio/publish/app-signing.html#google-play-app-signing.
With the following answer, i will explain a bit better the steps you need to follow to upload your original keystore and how to create the new upload keystore, which you will need to sign your APK from this point onwards.
This guide is oriented to developers who already have an application in the Play Store. If you are starting with a new app the process it's much easier and you can follow the guidelines of paragraph "New apps" from here
Prerequisites that 99% of developers already have :
Android Studio
JDK 8 and after installation you need to setup an environment variable in your user space to simplify terminal commands. In Windows x64 you need to add this :
C:\Program Files\Java\{JDK_VERSION}\bin
to thePath
environment variable. (If you don't know how to do this you can read my guide to add a folder to the Windows 10Path
environment variable).
Step 0: Open Google Play developer console, then go to Release Management -> App Signing.
Accept the App Signing TOS.
Step 1: Download PEPK Tool clicking the button identical to the image below
Step 2: Open a terminal and type:
java -jar PATH_TO_PEPK --keystore=PATH_TO_KEYSTORE --alias=ALIAS_YOU_USE_TO_SIGN_APK --output=PATH_TO_OUTPUT_FILE --encryptionkey=GOOGLE_ENCRYPTION_KEY
Legend:
- PATH_TO_PEPK = Path to the pepk.jar you downloaded in Step 1, could be something like
C:\Users\YourName\Downloads\pepk.jar
for Windows users. - PATH_TO_KEYSTORE = Path to keystore which you use to sign your release APK. Could be a file of type *.keystore or *.jks or without extension. Something like
C:\Android\mykeystore
orC:\Android\mykeystore.keystore
etc... - ALIAS_YOU_USE_TO_SIGN_APK = The name of the alias you use to sign the release APK.
- PATH_TO_OUTPUT_FILE = The path of the output file with .pem extension, something like
C:\Android\private_key.pem
- GOOGLE_ENCRYPTION_KEY = This encryption key should be always the same. You can find it in the App Signing page, copy and paste it. Should be in this form:
eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a
Example:
java -jar "C:\Users\YourName\Downloads\pepk.jar" --keystore="C:\Android\mykeystore" --alias=myalias --output="C:\Android\private_key.pem" --encryptionkey=eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a
Press Enter and you will need to provide in order:
- The keystore password
- The alias password
If everything has gone OK, you now will have a file in PATH_TO_OUTPUT_FILE folder called private_key.pem
.
Step 3: Upload the private_key.pem file clicking the button identical to the image below
Step 4: Create a new keystore file using Android Studio.
YOU WILL NEED THIS KEYSTORE IN THE FUTURE TO SIGN THE NEXT RELEASES OF YOUR APP, DON'T FORGET THE PASSWORDS
Open one of your Android projects (choose one at random). Go to Build -> Generate Signed APK and press Create new.
Now you should fill the required fields.
Key store path represent the new keystore you will create, choose a folder and a name using the 3 dots icon on the right, i choosed
C:\Android\upload_key.jks
(.jks extension will be added automatically)NOTE: I used
upload
as the new alias name but if you previously used the same keystore with different aliases to sign different apps, you should choose the same aliases name you had previously in the original keystore.
Press OK when finished, and now you will have a new upload_key.jks
keystore. You can close Android Studio now.
Step 5: We need to extract the upload certificate from the newly created upload_key.jks
keystore.
Open a terminal and type:
keytool -export -rfc -keystore UPLOAD_KEYSTORE_PATH -alias UPLOAD_KEYSTORE_ALIAS -file PATH_TO_OUTPUT_FILE
Legend:
- UPLOAD_KEYSTORE_PATH = The path of the upload keystore you just created. In this case was
C:\Android\upload_key.jks
. - UPLOAD_KEYSTORE_ALIAS = The new alias associated with the upload keystore. In this case was
upload
. - PATH_TO_OUTPUT_FILE = The path to the output file with .pem extension. Something like
C:\Android\upload_key_public_certificate.pem
.
Example:
keytool -export -rfc -keystore "C:\Android\upload_key.jks" -alias upload -file "C:\Android\upload_key_public_certificate.pem"
Press Enter and you will need to provide the keystore password.
Now if everything has gone OK, you will have a file in the folder PATH_TO_OUTPUT_FILE called upload_key_public_certificate.pem
.
Step 6: Upload the upload_key_public_certificate.pem
file clicking the button identical to the image below
Step 7: Click ENROLL button at the end of the App Signing page.
Now every new release APK must be signed with the upload_key.jks
keystore and aliases created in Step 4, prior to be uploaded in the Google Play Developer console.
More Resources:
- Google documentation on Google Play App Signing
- Form to request the reset of your upload keystore if you lose it
Q&A
Q: When i upload the APK signed with the new upload_key keystore, Google Play show an error like : You uploaded an unsigned APK. You need to create a signed APK.
A: Check to sign the APK with both signatures (V1 and V2) while building the release APK. Read here for more details.
这篇关于如何启用Google Play应用签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!