Titanium JIRA Archive
Titanium SDK/CLI (TIMOB)

[TIMOB-16189] Android: Package - Installing a packaged app fails with INSTALL_PARSE_FAILED_NO_CERTIFICATES on a non-KitKat device

GitHub Issuen/a
TypeBug
PriorityCritical
StatusClosed
ResolutionFixed
Resolution Date2014-06-27T17:53:27.000+0000
Affected Version/sn/a
Fix Version/sn/a
ComponentsAndroid, CLI
Labelsqe-3.2.0-GA2
ReporterWilson Luu
AssigneeAllen Yeung
Created2014-01-15T01:25:47.000+0000
Updated2015-12-08T06:01:32.000+0000

Description

*Details:* After packaging an app from Studio *or* CLI (see CLI command below) and installing to a non-KitKat Android device (4.4), install will fail with INSTALL_PARSE_FAILED_NO_CERTIFICATES. However, installing a packaged app to a KitKat Android device (e.g. Nexus 5 (4.4)) works fine. This seems to occur after a clean install of Windows (so far) i.e. no Java, no node.js. Here is the CLI command used by Studio: 
"C:\Users\Tester\AppData\Roaming\npm\titanium.CMD" "--no-colors" "--no-progress-bars" "--no-prompt" "--no-banner" "build" "--platform" "android" "--sdk" "3.2.0.GA" "--build-type" "production" "--log-level" "trace" "--project-dir" "C:\Users\Tester\Documents\Appcelerator_Studio_Workspace\monkeyAlloy" "--target" "dist-playstore" "--android-sdk" "C:\android-sdk-win" "--output-dir" "C:\Users\Tester\Desktop" "--api-level" "10" "--alias" "wluu" "--keystore" "C:\Users\Tester\Desktop\wilsons_keystore" "--store-password" "**********" "--skip-js-minify"
To work around this for a non-kitkat device, you will need to manually sign the packaged app ([source](http://developer.appcelerator.com/question/153717/installing-apk-file-on-device---installparsefailednocertificates)): jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore KEYSTORE_FILE_LOCATION APK_FILE_LOCATION KEYSTORE_ALIAS *Steps to reproduce:* 1. Create a default Titanium Classic *or* Alloy app 2. Package the app to the Android App Store from Studio *or* using the above CLI command 3. After the app is packaged, go to the packaged app directory and install app to a non-KitKat device: adb install .apk *Actual:* App will fail with INSTALL_PARSE_FAILED_NO_CERTIFICATES in the cmd. *Expected:* App should not fail with INSTALL_PARSE_FAILED_NO_CERTIFICATES after packaging from Studio.

Attachments

FileDateSize
build.log2014-01-15T17:49:34.000+000041531
diagnostics.txt2014-01-15T02:52:31.000+000015085
kit_kat_log.txt2014-01-16T04:41:08.000+00004549
non_kitkat_log.txt2014-01-16T04:41:08.000+000014829
ti_info.txt2014-01-15T02:52:31.000+000014084

Comments

  1. Wilson Luu 2014-01-15

    Here is the command that Studio is using: 
       "C:\Users\Tester\AppData\Roaming\npm\titanium.CMD" "--no-colors" "--no-progress-bars" "--no-prompt" "--no-banner" "build" "--platform" "android" "--sdk" "3.2.0.GA" "--build-type" "production" "--log-level" "trace" "--project-dir" "C:\Users\Tester\Documents\Appcelerator_Studio_Workspace\monkeyAlloy" "--target" "dist-playstore" "--android-sdk" "C:\android-sdk-win" "--output-dir" "C:\Users\Tester\Desktop" "--api-level" "10" "--alias" "wluu" "--keystore" "C:\Users\Tester\Desktop\wilsons_keystore" "--store-password" "**********" "--skip-js-minify"
  2. Wilson Luu 2014-01-15

    Also, attached the ti info and diagnostics from studio.
  3. Ingo Muschenetz 2014-01-15

    Okay, it now appears that we should get the complete log file from the SDK build process, since it appears its not Studio's responsibility to pass in "-digestalg SHA1 -sigalg MD5withRSA"
  4. Thomas Huelbert 2014-01-15

    Hey Wilson, can you please provide the build log?
  5. Wilson Luu 2014-01-15

    Added the build logs from studio console.
  6. Wilson Luu 2014-01-16

    Also, included logcats when installing the packaged apps to a kitkat device (kit_kat_log.txt) and to a non-kikat device (non_kitkat.log.txt). In both log files, search for com.appcelerator.classic
  7. Wilson Luu 2014-01-17

    After some investigation, the following was realized: 1. If you create an Android keystore from Studio or use the default keytool command from [here](http://docs.appcelerator.com/titanium/latest/#!/guide/Distributing_Android_apps) AND your machine is using Java 1.7.X, then by default, keytool will use SHA256withRSA signature algorithm to sign your keystore. 2. Next, if you package your app with the keystore from step 1 and install the app to a KitKat device, then that should install without any issues (as noted in the bug description). 3. However, if you install the packaged app with the SHA256withRSA signature keystore onto a non-KitKat (< 4.4) device, then you will see the above bug behavior 4. Only a packaged app with a signed SHA1withRSA signature keystore can be installed onto a non-KitKat device; hence, for the manual jarsigner workaround
  8. Michael Gangolf 2014-02-12

    Same here: SHA1withRSA works on a non kitkat device, TI Studio 3.2.1 (alloy 1.3.1, sdk 3.2.1) uses SHA256withRSA by default and app installation will fail
  9. Michael Sharman 2014-03-07

    Same problem here. But I resolved it by creating a new key in my keystore with the signature algorithm set to SHA1withRSA. It appears that Titanium reads the algorithm type to sign by querying the keystore with keytool. I must have created my keystore with Java 7 without specifying the signature algorithm, as a result the key is permanently set to SHA256withRSA instead of SHA1withRSA. I solved the problem by recreating key with Titanium Studio running with Java 6. Now the dist-playstore build signs using the correct algorithm.
  10. Michael Gangolf 2014-06-24

    You can also just copy the command from the TIStudio console, paste it and change SHA256withRSA to MD5withRSA and run the command again. Thats how I use my old key and it will work with non-kitkat devices. When you create a new key in your keystore you can't compile updates for existing apps, or?
  11. Lokesh Choudhary 2014-06-27

    This issue has been fixed & working as expected. Also all the related tickets are fixed and closed. Closing.
  12. Lokesh Choudhary 2014-06-27

    Reopening to fix Spint
  13. Lokesh Choudhary 2014-06-27

    Closing
  14. carlo 2015-12-03

JSON Source