Copy link to clipboard
Copied
I updated to Android 5 OTA on two Nexus 7 2014 and 2013, after upgrading all the AIR apps were removed, native apps remained. I tried to install the apps from Google Play and i got an 505 install error.
The logcat error is below:
E/Finsky(4449): [1] PackageInstallerImpl.handleCommitCallback: Error -505 while installing air.com.123.456 INSTALL_FAILED_UPDATE_INCOMPATIBLE: Package couldn't be installed in /data/app/air.com.123.456-1: Package air.com.123.456 signatures do not match the previously installed version; ignoring!
The apps are the same as before upgrading , they were not updated, the certificate is the same.
Anyone else seen this problem, is there an AIR patch?
I can install the app by "adb uninstall" command then re installing from Google play.
Copy link to clipboard
Copied
Thanks Chirs, is this certificate issue/fix related to the -505 error when trying to re-install Air Apps after Lollipop slaughtered them all off the device?
Copy link to clipboard
Copied
Hey Chris, any update? Cheers
Copy link to clipboard
Copied
For our customers we prepared instruction how to use ADB. I hope this will help, while Google & Adobe prepare fix.
In russian - http://www.airbits.ru/lollipop505.htm
Copy link to clipboard
Copied
Thanks Reactor13!
I don't have an ETA on when an update will occur, but I'll let you know as soon as I can.
Copy link to clipboard
Copied
Reactor13
Your users will need to have USB Debugging enabled for that to work. Most users will need help to enable it. You also might want to add a batch (RunThis.bat) file to your zip to automate the process.
Copy link to clipboard
Copied
I am hoping this does not require an Android OTA update vs Google Play app update. Reason I think it is just the app is that I can sideload an air app from Dropbox or via adb, its only the play store installs that seem to generate 505. A side load will persist the previous data. Might need to test more but may be if your app is free, its easier to communicate to users to side load than get adb going and messing with drivers and command line.
Copy link to clipboard
Copied
Side loading doesn't work for me. The link that Chris sent suggested the fix would require an OTA from Google.
Copy link to clipboard
Copied
@LogicOnTap Maybe it is just a fluke and I will retry but apps that I couldn't install on Play can be installed via side load. What happens when you try to side load, I think error 505 is a play error, is there a different error via the installer or does it just fail. Anyway, agree that if side loading isn't reliable then not an option, I had success when I tried but haven't tested enough.
Copy link to clipboard
Copied
Like zeh said it's a cert issue. Side loading wont work. You can uninstall the app using ADB and then re-install it but you will lose your app data.
I also wonder if air apps that are installed on 5.0 will have a similar issue once the cert bug is fixed.
Copy link to clipboard
Copied
LogicOnTap, thanks for your suggestion.
Copy link to clipboard
Copied
My AIR 14 apps haven't been affected, so I wonder if reverting back could be a temporary solution? I can't recall whether there were any important Android changes between 14 and 15, 16...
Copy link to clipboard
Copied
Air 14 (0.0.125) i think fixed an OpenSSL security issue that Google warned developers about on Google play, if you use a version below this , you could get your app removed. I had version 14 apps and they go removed also by Android 5.
Google play and Adobe air: Security Alert: You are using a highly vulnerable version of OpenSSL
Copy link to clipboard
Copied
I think there's a lot of misinformation flying. Everyone need to read the thread carefully.
1. Using the new signing process will not fix anything for existing apps. The problem with existing apps is with the current signed certificate, and you can't change certificates on published apps.
2. This is not an Air problem exactly. Trying different or beta versions of Air will make no difference.
3. It is possible that old apps are not affected. It depends on how the app cert was generated. It just happens that the default/recommended method of generating the very is the one that's causing trouble.
Also of note: I think Google may have stopped pushing OTA updates to Nexus devices. That, or the OTA is done. My "uninstall" have dropped to normal numbers.
Copy link to clipboard
Copied
Thanks zeh for the clear easy to relate information. Hoping Google/Adobe find a solution soon.
Copy link to clipboard
Copied
Hi folks,
I have a new app that is scheduled for launch next week. I've got the new atd.jar file, and am planning to generate a new certificate using RSA-2048 encryption. I think, from what I've read so far that it's safer to target AIR 14 than AIR 15 - can somebody confirm this please?
I'm hoping this will be enough to avoid having issues, but I'd like to do some testing in advance. Does anybody know if these issues can be reproduced in the Android Simulator?
Steve Warren
Senior Software Engineer
Copy link to clipboard
Copied
@speakaboo-steve from what I understand AIR 14 and 15 are both affected, but using the new jar and a certificate made with RSA-2048 encryption should do the trick. The issue occurs when the app is installed under Android 4.4, then the OS is upgraded to Android 5. I'd bet you'd see it in the simulator if it's possible to upgrade the OS there.
I'm surprised at how many of my customers are comfortable using ADB to fix the problem (though it nukes their data). Reactor13's instructions are helpful; here they are translated to English:
Another solution I'm offering my customers is a link to an APK built with a different ID and certificate. Unfortunately it can't access the data from the original app, and there's nothing to stop this file from getting passed around except the honor system.
Copy link to clipboard
Copied
It's been a more than a week without any further information...
Please keep us informed about any kind of progress, even the tiniest one.
We need to know what's going to happen!
And we need react to our customers complaints. This is pretty severe!
Copy link to clipboard
Copied
I'm here with the same problem. I upgraded to 5.0 on my Nexus 10 last week and today when I tried to use the itvplayer app it said it wasn't installed - even though the shortcut was there! So I went to download it from playstore only to get this error message like other screen shots here. I've taken off my antivirus/firewall type stuff but it still wouldn't install. Any ideas would be very welcome.
Copy link to clipboard
Copied
This issue is occurring in my AIR game as well, tracking here: Android 5.0 Not compatible?
I had thought posting an app update with latest AIR version fixed issue but it did not. It only worked on my device because Adobe compiler deleted the old install. Installing from the app store doesn't work if previously installed before upgrade to Android 5.
I'm a bit concerned that the current plan is to fix in next Google OTA update. This could take weeks or months and it's not good customer service to pin this on Google and tell players to wait. In the meantime, is there not a better fix to help users than asking them to use ADB?
Copy link to clipboard
Copied
I apologize for the lack of updates, I'm just back from the Thanksgiving holiday in the US. Your current options for *new* applications continue to be:
We're continuing to work with Google. Addressing the issue with existing applications unfortunately will require an update by Google, not Adobe. I do not have an estimate when this will occur but I will update this thread once I have something I can share.
Copy link to clipboard
Copied
I have an app in the GooglePlay store, but it's still in beta development and hasn't been distributed outside my development team. The existing certificate is 1024-RSA.
Chris Campbell wrote:
- Update to our beta ADT which will correctly work with both 1024 and 2048 keys
Can I just compile with the beta version of ADT at this point and keep my existing GooglePlay entry and appID? Or would it be safer to generate a new 2048-RSA key, and create a new entry in the GooglePlay store?
Copy link to clipboard
Copied
Hi Steve,
I believe the answer is that it would be safer to create a new Play store entry and use either a 1024 or 2048 key with the new ADT. If you want to use the shipping ADT, then you'll want to go with 2048.
Chris
Copy link to clipboard
Copied
Does anyone know how to verify whether or not a certificate was created with RSA-1024 or RSA-2048?
I just created a new key like this:
keytool -genkeypair -alias androidkeystore -keystore myname.key.p12 -storepass mypassword -validity 10000 -keyalg RSA -keysize 2048 -storetype PKCS12
Then i used this line that a colleague found to test it:
openssl pkcs12 -in myname.key.p12 -info -noout
and got these results (that aren't very encouraging)
MAC Iteration 1024*
*MAC verified OK*
*PKCS7 Data*
*Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 1024*
*PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 1024*
*Certificate bag
Copy link to clipboard
Copied
We've been told that the 5.0.1 release fixes the AIR related issues. We're in the process of validating this ourselves and once I have confirmation I'll report back.
For those that haven't seen the release news:
http://www.droid-life.com/2014/12/02/android-5-0-1-headed-to-aosp-as-build-lrx22c/
Copy link to clipboard
Copied
Has anyone been able to confirm whether or not the 5.0.1 update resolves the -505 installation error issue?