•   about 3 years ago

App rejection due to certificate

Hi,
I've uploaded a gear app and it got rejected saying that the default key was used and I should use my own key. But I built the gear app with my certificate which I got from samsung.

Can anyone say what is going wrong?

Thanks.

  • 21 comments

  •   •   about 3 years ago

    make sure you actually added the key - the video says its auto added - but it isn't

    click on the add certificate icon and find the certificate-registration.xml file you got back from samsung. - along with the password - try all your passwords i was using the wrong one for ages.

    you can check its added by looking at preferences -> tizen sdk -> security profiles

    it should be listed if you have added it.

  •   •   about 3 years ago

    Hi turret,
    Are you uploading a .apk file? If so, you need to sign this too with your own private key. Signing the .wgt file is one thing, and signing the apk file is another thing. To generate a signed apk file in Eclipse ADT, right-click your project > Android Tools > Export signed Application package.
    Good luck.

  •   •   about 3 years ago

    @turret

    Again???

    Please follow the procedure given in Tizen IDE Help (Help Contents > Getting Started with Tizen Wearable > Development Environment > Tizen SDK for Wearable > Certificates).

    Note that you have to send/attach two files in email to "gear2.sec@samsung.com"
    (1.) certificate-request.xml.gpg
    (2.) Your Public Key. (.asc file which you can generate from GPA)

    To generate your public key in GPA:
    (1.) Single click on your key shown in "Key Manager" list. (the one with your email address)
    (2.) Click on "Export".
    (3.) Select a path and give a name with ".asc" extension. eg. C:\turret.asc

    turret.asc is your public key. You have to send this file too in same email as attachment.

    For certificate-request.xml.gpg there is enough instructions.

    You will get a reply with "certificate-registration.xml.gpg" file.
    You have to decrypt this file with GPA and "certificate-registration.xml" will be generated.
    Register this "certificate-registration.xml" in your tizen IDE. There is enough instructions in help file.

  •   •   about 3 years ago

    @macmorrison
    I've imported the certificate-registration.xml file successfully and it is visible in security profile. Then I built the gear app and copied the ".wgt" file to android assets folder.

    During building the gear app do I need to sign the app explicitly?

  •   •   about 3 years ago

    @mramosr85
    I've signed the andoriod apk with my own keystore. Is that ok?

  •   •   about 3 years ago

    turret,
    Yes, that is Ok. To sign your apk everything is done locally without requesting certificates to third-parties. I got the same error you mentioned above and the cause was that I was sending my apk in debug version. You should get no error now.

  •   •   about 3 years ago

    @Jaydev
    You saved me again.
    I've forgot to attach my key with the mail.

    Thanks.

  •   •   about 3 years ago

    Hello guys,

    Since the videos don't mention the need to attach our public key, I haven't done that, as well. I've received the certificate (the XML file) and signed my Gear app with it (of course, I didn't need to decrypt the certificate, even though the videos said I would; now I know why). Right now my app is "Under Device Testing" and has been there for around a day.

    Do you think I should re-request the certificate (and send the certificate request, as well as my public key) and re-submit my app (even if it's not yet rejected)? Will my app definitely be rejected? What if it wouldn't be rejected, but I re-request the certificate - will it somehow invalidate my build/app submission (or will I be able to just ignore the new certificate if the current one actually works)?

    Thanks in advance!

  •   •   about 3 years ago

    @DominoOne

    Hi,
    Try to follow the instructions as Jaydev said..

    If you are using the latest version of Thunderbird then you will be asked for encrypting only the message or to encrpt the attachments as well. You need to encrypt the message only and dont forget to attach certificate-request.xml.pgp and your .asc file you have generated.

  •   •   about 3 years ago

    @DominoOne, the short answer - no you don't need to re-request the certificate.

    I think it doesn't matter that much whether you add your public key in the attachment of certificate request email or you don't. The only difference is - if you add it, Samsung will be able to encrypt the xml and only you will be able to decrypt it, thus making sure that even if someone else gets access to that email, they won't be able to use your certificate. That's just another security precaution, that's all. The xml itself is the same.

  •   •   about 3 years ago

    @andris, your comment makes perfect sense and I was thinking the same. But then you're saying that turret's problem wasn't caused by not attaching his public key?

  •   •   about 3 years ago

    @DominoOne, yes, I think so. I'm inclined to agree with @mramosr85 regarding @turret's issue.

  •   •   about 3 years ago

    @andris
    My issue was not sending the encrypted xml file, instead I sent the raw file.

  •   •   about 3 years ago

    @turret, alright - that's different issue from what @DominoOne was worried about. But I think, if you received certificate xml from the Samsung then it probably was correct. Doesn't matter whether you encrypted your request xml or not. See - by encrypting the request xml with Samsung public key you ensure that only Samsung could have decrypted it, so it's again a security precaution. If you didn't encrypt your request and Samsung wouldn't accept it, they wouldn't respond to you with a certificate xml, right?

  •   •   about 3 years ago

    @andris
    Got it.

  •   •   about 3 years ago

    @turret, @andris,, @DominoOne, @macmorrison, @mramosr85

    Does that means that there are still chances for turret to fail certification with same reason?

  •   •   about 3 years ago

    I think if all @turret did was replace the certificate, which he got previously from Samsung, with a new one, then there are such chances, yes. It would help to see the exact rejection message.

  •   •   about 3 years ago

    @andris

    Here is the exact rejection message....

    =======================
    Detected Device: Common

    #: 1

    Defect ID: 13469487

    Test Category: Ad-Hoc

    Title: SDK Default key was used

    Test Result:

    SDK Default key was used

    SDK default key was used. To publish, developer own key should be used with registration file.
    For more information, refer to IDE -> Help contents -> "Generating a certificate request" or Help Contents > Getting Started with Tizen Wearable > Development Environment > Tizen SDK for Wearable > Certificates

    =======================

  •   •   about 3 years ago

    @andris

    In rejection mail there is a line: "Result : Test Confirmation Rejected"
    That's all. All the other information and links are given for formality.
    eg:
    Summary:

    Dear Seller,

    Thank you for submitting your application to GALAXY Apps.
    We reviewed your application and found serveral issues that need to be modified.
    Please refer to the report after access the Store and resolve defects in your next update.
    And it mignt be helpful if you refer the certification policy and tips.
    - Certification Policy : http://developer.samsung.com/distribute/app-certification
    - Quick Guide : http://developer.samsung.com/distribute/app-certification/quick-guide
    - Tip 10 Failures and tips : http://developer.samsung.com/distribute/app-certification/top-10-failures-and-tips
    - Self Checklist : http://developer.samsung.com/distribute/app-certification/self-check-list

    Thank you very much for being with us.
    We ask for your continuous interest and participation.

    Certification Team @ GALAXY Apps

  •   •   about 3 years ago

    @Jaydev, @turret - so from the error message it looks, that the problem indeed is related to signing Tizen wgt, not Android apk. Perhaps the certificate wasn't imported into Tizen IDE? That can be checked by going to Window/Preferences/Tizen SDK/Security Profiles. I think Author and Distributor certificate entries are required to be there.

  •   •   about 3 years ago

    I'm really not uderstanding what to do to run the app. I already received both, author.crt, and the device-profile.xml from the gear2.sec@samsung.com. I put them in the form, hit ok and receveid a message of successful registration and a Secturity Profile is added with the .p12 files, BUT when I right-click the device and choose permit to install applications, it shows an error saying Certificate has not been registered. What is missing to do?

Comments are closed.