use export like this

thanks for the post

I was setting -verify and it was not asking for the passwd, fix that but...

I do have some more info

C:mykeytools>c:"Program Files"Javajdk1.6.0_07binjarsigner -verbose -keysto
re c:mykeytoolskeyscsi.keystore -signedjar mymedbox_signed.pdk pmPhr.apk csi.
keystore
Enter Passphrase for keystore:
jarsigner: Certificate chain not found for: csi.keystore. csi.keystore must ref
erence a valid KeyStore key entry containing a private key and corresponding pub
lic key certificate chain.

Here is the list output form the keytool not sure what a good out put should be I only see a PrivateKeyEntry. Should there be at Public?

C:mykeytools>c:"Program Files"Javajdk1.6.0_07binkeytool -list -alias comsi
key -keystore keys/csi.keystore
Enter keystore password:
comsikey, Dec 10, 2008, PrivateKeyEntry,
Certificate fingerprint (MD5): 67:6E:F4:40:47:D3:F7:65:32:93:83:83:5F:AB:BD:13
C:mykeytools>

looks like the jarsigner -signed flag is not working correctly. I resigned the jar with the simplest variation and it worked.

thanks

Jeff

soniya wrote:How to use "export" function????

Really ? That is the question ? I don't mean to be rude, but dammit..

Something tells we're up to see some interesting applications.

avolovoy wrote:Something tells we're up to see some interesting applications.

You haven't seen many questions here yet, I guess...

I fixed it thanks,

I removed the option flag -signed and it worked???

Bleeding edge

thanks

darolla wrote:well, this tutorial works fine. but only one time. after updating your source code, and updating version name and version number in manifest.mf, deploying wont work anymore on g1.

I have no solution but I can confirm this. First time it worked. Every subsequent install fails.

Try just updating the version number

Jeff

sazabo wrote:Try just updating the version number
Jeff

That was already tried by darolla and I can confirm it has no effect whatsoever. The actual error is...

Package [my.package] signatures do not match the previously installed version; ignoring!

In the user data folder that we don't have access to, the G1 continues to store some reference to the file even *after* it's removed. And then it compares the digital sigs of every subsequent app with the original. If they don't match it rejects them. Now the question is: why don't the sigs match? Is there something about the formulation of that jarsigner command that creates a new sig each time? Certainly we are using the same keystores.

Sorry, but I have no experience what so ever with signing and this tutorial really explains nothing to me..

I have created the folders in my workspace folders.. that keytool and key folder.. But that is about it, trying to run the command just tells me that there is no such thing as a keytool executable, which is kinda an expected response seeing as I just have an empty folder...

Also I can't find a keytool program anywhere, and that is with having Eclipse Ganymedes and android sdk of course.. I have exported my .apk file, but haven't really gotten to the point of "signing" it yet since I don't even have the keytool thingie set up, but really, this is something I have never ever used before, so please don't get patronizing on me.

Perhaps this is one of those things that would have eluded me when I have never ever worked with Java before?

Btw, am using winXP so it is Eclipse, Android SDK and cmd that I have at my disposal for this, I am sure it is super easy, if just someone would explain in 100% detail how to do this since I have no clue... Easy enough to follow the tutorial once I have the missing pieces.. like the keytool and jarsigner programs.. not sure if those are some I should download separately of if they come with the Android SDK or Eclipse IDE somewhere..

[update]
Been looking around for a bit now.. and well, nothing call keytool, so no program to launch from my cmd that can create that key thingies.. So probably no jarsigner either..

Tbh, I would have thought this would've been an automated Eclipse function, what's up with making it so complicated when it could be soo simple.. I really need this damn program signed before one day has passed.. Didn't think this would be the thing to halt me..

Ok I downloaded some keytool plugin for Eclipse..

But seriously, us here that have not done Java nor Linux or something before, we need a step by step guide for making it work with Eclipse..

And download links to the Keytool and jarsigner applications please...

It might be that I am tired, but I just can't make it work..

The keytool plugin I downloaded let me make a certificate, but couldn't reopen it with either passwords I made... And I don't know what this "keystore" thing is, I assume it is a bundle file where you can keep all your cerficicates/keys in?

Need this stuff explained really, never ever ever used it before in my life.. I need to know how to:

create that key thingie for my exported .apk file

sign said .apk file

if I need to download any programs to do this, is keytool and jarsigner something I need to download first to be able to use.

This describes it pretty well:

http://groups.google.com/group/android- ... 8?lnk=raot

found a solution to this on the android developer mailing list. you just have to delete your package from the

/data/system/packages.xml

file if you change the signature.

Sparkletron wrote:

sazabo wrote:Try just updating the version number
Jeff

That was already tried by darolla and I can confirm it has no effect whatsoever. The actual error is...

Package [my.package] signatures do not match the previously installed version; ignoring!

In the user data folder that we don't have access to, the G1 continues to store some reference to the file even *after* it's removed. And then it compares the digital sigs of every subsequent app with the original. If they don't match it rejects them. Now the question is: why don't the sigs match? Is there something about the formulation of that jarsigner command that creates a new sig each time? Certainly we are using the same keystores.

sazabo wrote:looks like the jarsigner -signed flag is not working correctly. I resigned the jar with the simplest variation and it worked.

thanks

Jeff

Jeff, can you please post the exact commands that you used. I am facing a similar issue when signing my apk using jarsigner.

Thanks.

I get the following Error from jarsigner .. what can i do??

Enter Passphrase for keystore:
Exception in thread "main" java.util.zip.ZipError: jzentry == 0,
jzfile = 34283992,
total = 22,
name = mydays04.apk,
i = 1,
message = null
at java.util.zip.ZipFile$2.nextElement(ZipFile.java:321)
at java.util.zip.ZipFile$2.nextElement(ZipFile.java:299)
at sun.security.tools.JarSigner.getManifestFile(JarSigner.java:1554)
at sun.security.tools.JarSigner.signJar(JarSigner.java:892)
at sun.security.tools.JarSigner.run(JarSigner.java:203)
at sun.security.tools.JarSigner.main(JarSigner.java:74)

greets
chris