❗ AppGallery Signature Mismatch Error: Causes and Solutions
Introduction
Hello everyone! I’m Merve, an Android Developer at Huawei. Today, I want to share with you the signature mismatch issue encountered on AppGallery Connect and possible solutions.
If you’ve developed an app and plan to publish it on both AppGallery and Play Store, there is a critical aspect you need to pay attention to App signing!
The main purpose of app signing is to ensure security and integrity. You can click this link if you want to learn how to sign your app on AppGallery. You can click this link for the app signing process on Google Play.
Now, I want to discuss an important issue that developers encounter.
Signature Mismatch Reasons and Possible Solutions
Let’s assume you’ve published your app on AppGallery and are about to complete the app signing process. At the moment you are about to upload your signature details, you encounter the following warning message:
“The app signature key information is different from that of the app version uploaded earlier. Please upload a valid key file.”
If you are sure that you have only created one signature file but still encountering this error, there may be some points you have overlooked.
- If you initially published your app on the Play Store and signed the app there, but then uploaded the signed APK to AppGallery, you are likely to encounter this warning! After your app is published on the Play Store, Google adds its signature on top of yours. If you then upload this signed APK to AppGallery, you will unfortunately see this warning. Essentially, while you are uploading your own signed APK, you are uploading the APK signed by Google. To verify this, you can compare the signature details of the APK you published and your current APK. Compare the signature details of the APK published on AppGallery with the APK you are trying to upload now; you will find that the signatures of the two APKs are different. (You can use apksigner to check the signature details.)
- If you did not allow Google to sign your APK and you are certain that you have only one signature file, there may be some points you have overlooked. Especially if there have been handovers within your company, it is helpful to get in touch with your former team members. Gaining information about the signing process that was followed may help you resolve the issue.
“We’ve identified the cause of the problem, so what should we do to solve it?”
Since app signing is crucial for security, the solution options are limited. However, I can offer you two solutions:
- Upload the correct signature
- Change the signature
The second option is offered as a solution but is not recommended. This is because changing your signature can result in the loss of data such as download counts and ratings. Additionally, users who have previously downloaded your app may need to uninstall and reinstall it to access the latest version. If you are willing to accept these risks, you may proceed with changing the signature.
You can click this link to learn how to change the signature.
Note: If you do not see an option to change the signature, you need to indicate your request for a signature change in the notes/comments section when submitting your app for review.
Conclusion
Signing your app with the same signature file for both AppGallery and Play Store is the safest and most practical method. This ensures that your app is published with the same signature on both platforms and helps prevent potential signature mismatches. If you are using the Google Play App Signing service, Google will re-sign your app, so you may not have full control over your signature. If you are using this service, make sure to use your own generated signature file for AppGallery, not the one signed by Google Play. If you upload a Google Play-signed APK to AppGallery, you may receive a warning. Therefore, always use the APK signed with your signature when uploading to AppGallery. If you are not using Google Play App Signing, you can use your own generated signature file on both platforms. This way, you will avoid signature mismatches between the two stores.
You can find the Turkish version of this article on this link.
