Skip navigation
distropolis
distropolis
Currently Being Moderated

Publishing for Android has changed. How do I create a certificate using the new Google guidelines?

Dec 14, 2012 11:14 AM

The Google Play developer console has changed and now seems to require apps to use a "Base64-encoded RSA public key".  The key is provided under the "Services & APIs" tab in the new developer console. 

 

QUESTION: How to I go about converting the key provided by Google to a p12 file I can use when I compile from Flash Pro CS6?

 

I'm on both Mac/PC.

957 Views   12 Replies   Latest reply: nukeme2, Dec 31, 2012 11:35 AM
 
Replies
  • distropolis
    Currently Being Moderated
    2. distropolis,
    Dec 14, 2012 4:25 PM   in reply to sinious
    Report

    I'm not seeing how this can get me to a p12 file.  It might be able to get the RSA to a PEM and then to P12 but this seems insanely ridiculous.

     

    Anyone actually use Flash Pro & Air to make an Android app without using the command line?

     
    |
    Mark as:
  • sinious
    Currently Being Moderated
    3. sinious,
    Dec 14, 2012 4:32 PM   in reply to distropolis
    Report

    Probably not. Creating a CSR, converting a .cer to a PEM and then to a .p12 is pretty darn easy with OpenSSL. Here's that process:

     

    CSR OpenSSL:

     

    http://help.adobe.com/en_US/as3/iphone/WS144092a96ffef7cc-371badff126a bc17b1f-8000.html

     

    p12 from .cer w/ key:

     

    http://help.adobe.com/en_US/as3/iphone/WS144092a96ffef7cc-371badff126a bc17b1f-7fff.html

     

    It's iOS articles but you can see the process just the same. I use this process myself and I don't mind command line, and I even have Keychain (Mac).

     
    |
    Mark as:
  • distropolis
    Currently Being Moderated
    4. distropolis,
    Dec 14, 2012 5:04 PM   in reply to sinious
    Report

    So ... essentially the little button in the Flash Pro IDE that says "Create" won't actually create a usuable certificate?

     
    |
    Mark as:
  • sinious
    Currently Being Moderated
    5. sinious,
    Dec 14, 2012 5:13 PM   in reply to distropolis
    Report

    Certificates are about authenticating your true identity. Otherwise people would be installing apps from [insert random villian] that would [do malicious things]. So no, you can't just create your own random identity and upload apps into the general market.

     
    |
    Mark as:
  • distropolis
    Currently Being Moderated
    6. distropolis,
    Dec 14, 2012 5:30 PM   in reply to sinious
    Report

    Interesting.  I wonder how Adobe can tout the ability to create Android applications and then have virtually no documentation on this required step of the publishing process.  The process for iOS is very well documented.
    I'm working with a publisher and not comfortable scavenging bits of info and scrapping together a (hopefully) usable certificate. with various bits of info ... 

     

    According to one of the docs above, the key can actually be "self signed" even for release ... so does this mean I CAN use Flash to generate the key?

     

     

    Also ... I don't think that any of the above info will actually work with the new Licensing requirement in the Google Play dev console.  This changed very recently.

     

     

    It would be great if there was a guide on how to create these files for Android specifically. I guess I'll hold off on developing for Android until someone can make this clear. I appreciate you chiming in Sinious!

     
    |
    Mark as:
  • sinious
    Currently Being Moderated
    7. sinious,
    Dec 14, 2012 5:35 PM   in reply to distropolis
    Report

    Late for me but a last tid bit. It's the same as any certificate (SSL, etc). You need to be verified.

     

    iOS does this by requiring you to submit a request to their system, they process a certificate (if valid) and you generate it from that. Certificates are all pretty similar. The process will be the same whether Apple or Google or [whatever]. Develop a request, log into your account and submit, receive a response, use the response to create the final validated cert.

     
    |
    Mark as:
  • nukeme2
    Currently Being Moderated
    8. nukeme2,
    Dec 18, 2012 9:32 AM   in reply to sinious
    Report

    The thing is that there is no submit/download a certificate from this new Google developer console.  They just provide a box for you to copy , I guess, the certificate code ie .   IIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW9KWZIofIO9pirZInSKg3nITST LD7+lOAnR7zaGANp143Sfm3npjgVylttbnzxJSNsPLkLAZ+t8KIjDh+ndQsPfiHeWGx/fg x/eYGeDy90xqCcIOdfjPXBuzmn/V220gL0Qm4Ti526+4GaQvanLuuERvpoUBqR...

    etc gobbledygook, so I think the question is how do we make a .p12 out of that?   I use OpenSSL to make a .p12 happily when I have a CertificateSigningRequest.certSigningRequest as per IOS  but otherwise not sure where to go with this new system.

    Could it be the end of Flash and android apps?

     
    |
    Mark as:
  • sinious
    Currently Being Moderated
    9. sinious,
    Dec 18, 2012 11:54 AM   in reply to nukeme2
    Report

    Looks like they're giving you an ingredient to generate the certificate but it also appears alien to me. I only used their previous system and my account isn't even active. You know it's a new developer console so there must be some "What's New" type of content for you to view. Google was always very forward and practical with documentation. Apple on the other hand, ugh...

     

    If I could log in I'd help but I'm just tidying up here saying I can't see what you're seeing at the moment. Not until I need to dev on Android again at least ><. Sorry!

     
    |
    Mark as:
  • nukeme2
    Currently Being Moderated
    10. nukeme2,
    Dec 18, 2012 1:45 PM   in reply to sinious
    Report

    In the end I uploaded with my own flash generated .P12 and it went through OK. The only concern I have now is whether the app links to their payment system.  It seems that if you have a free app then you can self sign but reading between the lines they sort if indicate that you need their own licensing certificate for linking the app to their accounting system - I might be totally wrong here, anyway will see.

     
    |
    Mark as:
  • distropolis
    Currently Being Moderated
    11. distropolis,
    Dec 18, 2012 2:36 PM   in reply to nukeme2
    Report

    Well I'm glad at least one person is on the same page as I am.

     

    I think it is super flaky of Adobe to not have a documented procedure for this.  I guess that there are very few people activly using AIR for Android development.  At least people that want to integrate the Google RSA key and sell/get payments through Google Play.

     

    I could totally be mis-reading this whole situation ... but why is there a complete lack of info out there?

     

    This is the only thing that comes close:

     

    http://helpx.adobe.com/digital-publishing-suite/kb/publishing-process- android-amazon-mobile.html

     
    |
    Mark as:
  • nukeme2
    Currently Being Moderated
    12. nukeme2,
    Dec 31, 2012 11:35 AM   in reply to distropolis
    Report


    Ok Adobe you owe me big time, it took me ages to figure it out.  Here is the way to incorporate Google Play's new public security certificate that is now needed for paid apps.

     

    Step 1
    Download and install OpenSSL (see the YouTube video http://www.youtube.com/watch?v=mpzSXAW0qUI)

    Step 2
    Create a new P12 self-signed certificate and private key in Flash CS5.5 or CS6 in the Air for Android Settings/deployment tab section and copy it to the C:\openSSL\bin directory.  For the sake of this tutorial call it FlashCreated.P12

    Step 3
    Open a command prompt and navigate to the OpenSSL\bin directory, ie cd\OpenSSL\bin

    Step 4
    Type the command  
    set OPENSSL_CONF=c:\openssl\bin\openssl.cfg

    Step 5
    You need to decode the FlashCreated.P12 key to create a PEM file with the command
    openssl pkcs12 -in FlashCreated.p12 -out FlashCreated.pem -nodes

    Step 6
    Use a text editor and take a look at this FlashCreated.pem file

    Step 7
    Strip out stuff not enclosed within the "-----BEGIN ... KEY-----" and "-----END... KEY-----" delimiters.

    Step 8
    Go to the Google Play Developer's Console and copy the public key that they provide into a MS WORD document.

    Step 9
    You need to copy this text in junks of 64 characters and past them below the existing Private Key section and within the delimiters.
    -----BEGIN RSA PUBLIC KEY-----
    -----END RSA PUBLIC KEY-----

    use the MS Word count tab (bottom left of screen) to see the number of characters you select. Most important - ensure that there are no spaces, so 64 64

    Step 10
    Once you have the 3 sections complete, ie Private Key, Public Key and Self Signed Certificate, convert this pem file back to a P12 using the same password with the command
    openssl pkcs12 -export -in FlashCreated.pem -inkey FlashCreated.pem -out Google.p12

    Hope this works for you.

    www.freddithefishingboat.com

     
    |
    Mark as:
Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points