PWA2APK on play store is still showing url - google-play

I created a progressive web app, and it works perfectly. It prompts for installation and it saves the link on the android home and it shows no url address bar.
Then I used PWA2APK (https://appmaker.xyz/pwa-to-apk/) to create an APK and deploy on play store.
Once built, I downloaded the assetlinks.json, added the certificate SHA-256 modifying the assetlinks.json in this way (I changed values):
[
{
"relation": ["delegate_permission/common.handle_all_urls"],
"target": {
"namespace": "android_app",
"package_name": "xyz.appmaker.pblx",
"sha256_cert_fingerprints": ["AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA","SHA256: BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB"]
}
}
]
Then I pushed it online, and verified that www.exemple.com/.well-known/assetlinks.json show the values in the browser.
The package name is the same of the APK, and the SHA-256 is the Application signing certificate.
I also added icons, screen capture and all the necessary stuff. the total workflow is validated. So once deployed a version for an internal test, I expected it to work correctly, but it doesn't. The application is installed with a default icon, it shows the rl address bar and it has some load problems.
Did anybody experienced the same issues? How did you solve it?
Thanks.

I am part of the team that build this tool. And as for the question, this can be solved by removing SHA256 from following.
Before:
"sha256_cert_fingerprints":
["AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA","SHA256:
BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB"]
After
"sha256_cert_fingerprints": ["AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA:AA","BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB"]
This should fix the issues you had with the address bar.
And yes, feel free to reach out in support forum anytime. Happy to help and thanks for using PWA2APK

This is just speculation, but are you using Google Play App Signing? With Google Play App Signing the app certificate should be the one Google signs your app with, not the one you sign with to upload to Google. The documentation is here. Specifically it says, under step 3 of the "New Apps" section.
Step 3: Register your app signing key with API providers
If your app uses any APIs, you usually need to register the certificate of the key Google signs your app with for authentication purposes using the fingerprint of the certificate. Here’s where to find the certificate:
Sign in to your Play Console.
Select an app.
At the left menu, select Release management > App signing.
Copy the fingerprints (MD5, SHA-1 and SHA-256) of your app signing certificate.
If the API provider requires a different type of fingerprint, you can also download the original certificate in .der format and convert it using the transformation tools that the API provider requires.
If you get the SHA-256 as described above and put it in your JSON instead it might work.

Simply copy your sha256 key from play console and paste after your original key in "sha256_cert_fingerprints" and build and deploy.
After uninstall and install the app from playstore

Related

Add-In Error: Content is blocked because it isn't signed by a valid security certificate in Outlook 365

Currently I am developing my custom add-in for outlook 365/
Then I am trying to use it for testing for example it shows me error. I investigated and found what it opens addon in iframe in edge browser. So question is how to add certificate/s to edge to allow my app to work in it?
I am using :
Outlook 365 desktop edition
What I tried
Switching flag in Edge browser to allow not certified certificates to "work"(same thing was done in chrome and it worked there)
As suggested in comments to use office-addin-dev-certs. Well I installed them on my project by using npm install office-addin-dev-certs and then I am trying to verify it by this command office-addin-dev-certs verify it throws error in console see image 3
exported certificates from chrome and imported them in edge browser and also on my machine . It did not helped.
The easy solution that worked for me was remove .office-addin-dev-cer from User folder. Then by running my Add-Ins by npm start I got popped by a message box to remove existing certificates (ca.crt, localhost.crt). After clicking on Yes for 3 messages I have been asked to install new certificates and all certificates re-installed and my Add-Ins works fine now.
While not strictly required in all add-in scenarios, using an HTTPS endpoint for your add-in is strongly recommended. Add-ins that are not SSL-secured (HTTPS) generate unsecure content warnings and errors during use. If you plan to run your add-in in Office on the web or publish your add-in to AppSource, it must be SSL-secured. If your add-in accesses external data and services, it should be SSL-secured to protect data in transit. Self-signed certificates can be used for development and testing, so long as the certificate is trusted on the local machine.
See Server requirements for more information.
This may be an old issue which has resurfaced. You can see more info here
Well I found the solution. solution was to create and add certificate to app. In desktop outlook aka office outlook for desktop it uses Edge browser as sidebar for Add-ins.
Reason is what browsers need Subject Alternative Name in certificate.
So need to create a trusted self-signed SSL cert for localhost (for use with Express/Node) . So the solution was found in this post.

No opt-out option from App Signing in Google Play Console

I'm trying to opt out from App signing in Play Console but there is no option to opt-out. As you can see in pictures i have Change signing key but not opt out. Even when i open Change Signing Key i'm given option to upload my key but not to opt out. Is there any possibility to opt out now or this is mandatory and opt-out is not an option anymore?
Reading Google's Play Console Help article on Use Play App Signing there is a paragraph that states:
Note: For apps created before August 2021, you can still upload an APK and manage your own keys instead of using Play App Signing and publishing with an Android App Bundle
To me that reads from August 2021 (i.e. now), you won't be able to upload an APK and you also won't be able to manage your own keys. They should probably have split that sentence into two to make it clear that both options will no longer be available from August 2021.
Here's the link for reference: https://support.google.com/googleplay/android-developer/answer/9842756

Update manifest splash icon on PWA converted to APK

I've converted a PWA website into an Android app by using https://appmaker.xyz/pwa-to-apk/ convertor.
The splash icon looks pixelated for some reason. I've tried updating the manifest.json file with the correct icon at 512x512 but changes don't seem to get reflected on the installed app.
I've uninstalled the app, installed it again and did that connected to Wifi and with the phone plugged. Nothing changes.
I'm wondering if perhaps, as I've converted the PWA into a APK now I need to release a new version of the app on Google Play Store in order to update anything regarding manifest.json.
And if not, how do I force an update on the splash icon?
In short, yes, you will need to generate a new APK and release a new version to the Play Store. The reason is that the splash icon is part of the Android application and is generated when the Android package (APK) is created.
The bad news is that, unfortunately, pwa-to-apk doesn't offer the functionality of regenerating the package, and generating a new package for the same PWA will not work since, when updating the application to the Play Store, it must be signed with the same key used to sign the original package.
The good news is that it does allow the developer to download the certificate used to sign the application. If you downloaded the certificate and took note of the key alias and passwords, you will be able to generate a new package with the same name, using the original keys.
With the key saved to your file system, the alias, store password and key password at hand, you can useBubblewrap CLI to regenerate the project. Check out the Quick Start Guide.
A few additional instructions:
When Bubblewrap ask for the Application ID, ensure you are using the same ID used on the Play Store. The id can be seen in the Play Store URL for the application. As an example, the ID for https://play.google.com/store/apps/details?id=com.appspot.pwa_directory is com.appspot.pwa_directory and you need to use this value as the application id.
When Bubblewrap ask for Key store location, type in the path to the keystore file downloaded from pwa-to-apk.
When Bubblewrap ask for Key name, use the value of the alias generated by pwa-to-apk. The alias defaults to android.
Finally, when running bubblewrap build, use the key password and store passwords provided by pwa-to-apk.
With this, Bubblewrap will generate a new package that will not only contain the updated icon, but also uses the latest and greatest libraries available.

What is a 'trusted root certificate' and where do I get it to sign a Windows 8.1 App?

I'm creating a Line-Of-Business application for Windows 8.1+
I've completed the Apple variation and haven't had any issues with distribution.
In regards to releasing for Windows I'm told I need to sign my application with a trusted root certificate.
From what I can tell I can get these from Symantic or Digicert (I'm sure there are more options too).
1) Can someone tell me exactly what this is and why I need it?
2) Do I need the standard certificate or the "Extended Validation" certificate?
3) How would one sign their application with this certificate after it has been obtained?
Thank you!
Yes with Windows Desktop app we are going with sing in application with "Symantic of Digicert" certification and etc.
But with Windows Store app here things are different you need to do "Associate app with the Store..".
Here are the steps for it:-
Do right click on your project from solution explorer >> Select Store >> then select "Associate app with the Store..".
By it it will automatically download all content from store.
Notes :- You have to do "Reserve app name on Store" first.
=> You need Developer Dashboard account for Windows Store for it.
Check attached image for 1 and 2 so you can get idea.!
=> It also will download "YourAppName_StoreKey.pfx" file in your project, which you require.

How to sign Windows Store App?

I just completed my windows 8.1 app and now I want to put it in the store. This is my first app publishing in the store so I want to know that how can I sign my app using self sign certificate.
I referred various Msdn articles but they points to signing certificate for that apps that are going to be sideloaded.
Currently I am using Test certificate which can be generated from app manifest file packaging tab.
Thanks in advance.
You don't need to - Store-submitted apps are signed by the Store itself.

Resources