如果签名密钥到期,现有的apks是否拒绝安装,或者只是意味着新的应用程序无法使用该密钥签名?
我们建议使用25年后到期的密钥,Google Play要求至少2033-10-22到期!然而,出于安全原因(Moore定律,破解算法等),有些人可能希望renew他们的密钥频繁发生.
如果apk的密钥已过期,是否有任何安装方式(不依赖开发人员重新发布)?
解决方法:
If a signing key expires, do existing apks refuse to install, or does it just mean that new apps can’t be signed with that key?
jarsigner将拒绝使用过期的密钥,安装时Android将拒绝使用旧密钥签名的apk,但已安装的应用程序将继续运行正常.
https://developer.android.com/guide/publishing/app-signing.html
If an apk’s key has expired, is there any way of installing it (without relying on the developer to re-release)?
是的,apk可以是resigned with your own certificate.
