Allow Unsigned APKs on Android
Android requires that all APKs be digitally signed with a certificate before they are installed on a device or updated. Scalefusion provides feature of signing of an unsigned apk file which can then be uploaded through Enterprise Store thereby installing the app on devices.
This document guides you through some important concepts related to app signing, how to sign your app to make it ready for uploading via Enterprise Store.
How it Works
The admins are required to generate or download a signing certificate used for signing enterprise APKs that you upload to enterprise store. This certificate is generated via Scalefusion Dashboard.
When an unsigned apk is uploaded through enterprise store, the verification of the certificate is done after which the apk gets uploaded and can then be published on Scalefusion Managed Android devices.
Creating a Certificate
- On Scalefusion Dashboard navigate to Getting Started > Android Enterprise Setup > Android APK Signing Certificate
- Complete filling up this section by entering all details of the certificate.
- After entering details, click on Generate
- The certificate gets created and is displayed as shown below
Important Points to note
- A certificate once generated cannot be deleted or the details cannot be edited either
- The heading Android APK signing certificate is also marked by a green tick which denotes that the certificate is successfully generated.
- After certificate is created, there is a download button at the bottom that lets admin download the certificate. The certificate gets downloaded as a file in zip format which can then be given to the application developer for signing the apk.
Upload Unsigned APK to Enterprise Store
If the admin doesn't give zip file to app developer to get it signed, the other alternative is to upload the unsigned apk through Scalefusion's Enterprise Store. It gets verified (signed) with the certificate generated (by following the steps above) and then the app can be published on devices.
- Navigate to Application Management > Enterprise Store
- Click on Upload New App > Upload Android app
- Under Upload APK File either Drag & Drop the unsigned APK file or click on Browse Files and browse the file on your machine.Link to External APK can also be chosen to provide the link for apk file
- Once you upload the file, Scalefusion checks the validity of the APK file. Since the apk is unsigned, you get the following window with a message to either sign it with a certificate which would then upload the apk and install the app or give the information to app developer to sign the apk.
- Click on one of the following:
- Custom Sign: This option lets you use custom signing certificate (generated through Scalefusion) to sign this APK
- Cancel: If you do not want to use custom signing certificate, click on Cancel and give the app's information displayed here, to the application developer who can get the apk signed.
When you click Custom Sign, the verification for the certificate already generated, takes place. This can take few minutes.
Once the verification succeeds, then you will be shown a dialog with the App Information, and the list of Device Groups / Device Profiles / Device(s) on which the app can be Published.
This completes the process of signing an unsigned apk and then publishing the app on managed devices.
Certificate Mismatch
If you are uploading an upgraded version of a signed apk and there is a certificate mismatch because of the signatures of both versions (of apk) being different, the previous version first needs to be uninstalled only then the upgraded version will get installed. In this case following window will be displayed:
Choose one from the following:
a. Uninstall & Upgrade: Clicking on this will continue uploading the upgraded version of apk and show Publish dialog.
b. Cancel: Clicking on this will cancel the process and the admin can contact the developer of this app to get a version matching with previous signature.
