Certificate Problems Submitting APK to ADC2

androidWheel of Yum has been on the Android market for a few weeks now and keeps getting lot’s of positive feedback. So a few days ago we decided to submit it to this year’s Android Developer Challenge. We agreed on some new features, an improved UI design, and got coding. Being that the ADC submission deadline is tomorrow midnight PT we knew we were kind of up against a wall getting a new release ready, but got everything built and tested by early Sunday evening anyway … and thats when we tried to submit our app to the ADC market…

Before I discuss the sordid tail of how our beleaguered little app finally made it to the ADC market let’s cover what we did in preparation first. Wheel of Yum, of course, is already available for free in the general Google Android market, though it hasn’t been there long enough to be disqualified by the ADC submission rules. Knowing that the two markets are linked somehow, we knew we had to makes some modifications to our ADC submission. Namely, our submission’s package name.

Our general market package name is com.media1908.wheelofyum. So we changed our submission app’s package name to com.media1908.wheelofyum.adc. Simple eh? Our testing phones seemed to agree and correctly treated our submission version as a separate application. So, we signed our submission app with the same key we sign all of our other apps and tried posting it to the ADC site. Then Google bounced it back at us with this error:

“The server does not accept apks signed with the debug certificate. Create a new certificate that is valid for at least 50 years. The server requires that the certificate used to sign the apk be valid until at least October 22, 2033. Create a new certificate.”

Ok, so there’s some signing issue with our app ya? We re-signed, re-posted, and same error. Then we tried making a key with a 100 year expiration, again the same. That’s when I downloaded the JDK and used Jarsigner to verify the app’s sig. It looked ok, except jarsigner wasn’t making it clear weather or not the expiration date was 3009 or 2009, as it only showed a 2-digit year! So not being sure we made another key, this time for 50 years.

Re-signed, re-posted, and same error.

Now I tried creating the keystore manually with Keytool and manually signing the app with Jarsigner (we were using eclipse + ADT for all this before). Re-signed, re-posted, and same error. Frustration was imaginably high at this point and we were close to calling it quits.

Then we considered another possibility: maybe there’s still a problem with the package name?

Of course, the error message coming from Google didn’t indicate there was a problem with the package name, but it seemed clear that the certificate wasn’t really the problem. Hypothesizing that there was some kind of package name collision happening in the market platform, I tried a new package name: com.media1908wheelofyumadc … just removing the periods from the original.

Re-signed, re-posted, and BOOOM! That bad boy went up like gangbusters … 4 hours later than we planned, but alas.

In addition to underscoring the importance of meaningful error reporting, this journey also taught us this:

Missing one Suday’s worth of Adult Swim != end of the world