When I integrate the HMS Core SDK into my app or game, result code 6003 is always returned during an API call. The official document indicates that this fault is caused by an incorrect signing certificate fingerprint. A signing certificate fingerprint is used to verify the app authenticity.
To locate the fault, perform the following operations:
Ensure that the app's certificate signature is the same as that configured in AppGallery Connect.
Ensure that the appid parameter in the manifest file is correct.
Check whether the app is hardened or re-signed.
Check whether HUAWEI App Signing is enabled.
Step 1: Ensure that the app's certificate signature is the same as that configured in AppGallery Connect.
Open the APK file of the app, extract the META-INF directory from the file, obtain the CERT.RSA file in the directory, and run the keytool -printcert -file META-INF/CERT.RSA command to display the signature certificate information.
Check the SHA-256 certificate fingerprint configured in AppGallery Connect by referring to Configuring the Signing Certificate Fingerprint. If the information is the same as the preceding information displayed, the certificate fingerprint is correct.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Note: The keystore signature of the debug version for packaging. Use the official version for packaging and utilize a real device (non-simulator) for testing only.
Step 2: Ensure that the appid parameter in the manifest file is correct.
You can perform the check in either of the following ways:
View the parameter directly in the manifest file under the project.
Decompile the packaged APK file, and view the parameter. You can use any decompliation tool for that.
Step 3: Check whether the app is hardened or re-signed.
Since AppGallery Connect does not re-sign an app currently, you need to locate the fault if your app has been hardened or re-signed by yourself.
Step 4: Check whether HUAWEI App Signing is enabled.
Huawei provides the App Signing service for developers to let Huawei host their app's signature key and use it for the APK file to be distributed.
According to the official document, if the service is enabled, the generated certificate fingerprint must be added in AppGallery Connect.
Related
This thread describes the preparation procedures for configuring your app information in AppGallery Connect.
1. Configuring App Information in AppGallery Connect
Before you start developing an app, configure app information in AppGallery Connect.
1.1 Registering as a Developer
Before you get started, you must register as a HUAWEI developer and complete identity verification on the HUAWEI Developer website. For details, please refer to Register a HUAWEI ID.
1.2 Creating an App
Create an app by referring to Creating a Project and Creating an App in the Project. Special configurations for a game app are as follows:
l Platform: Select Android.
l Device: Select Mobile phone.
l App category: Select App.
1.3 Generating a Signing Certificate Fingerprint
A signing certificate fingerprint is used to verify the authenticity of an app when it attempts to access an HMS Core through the HMS SDK. Before using the HMS Core, you must locally generate a signing certificate fingerprint and configure it in AppGallery Connect.
Please ensure that the following conditions are met:
l You have created the app's signature file.
l The JDK has been installed on your PC.
Perform the following steps:
1. Open the command line tool (using the cmd command) and run the cd command to go to the directory where keytool.exe is located. In the following example, the Java program is installed in Program Files (x86) in the C drive.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
2. Run keytool -list -v -keystore <keystore-file> and respond as prompted.
In the preceding command, <keystore-file> is the complete path to the app's signature file.
Example:
Code:
C:\Program Files (x86)\Java\jdk1.7.0_25\bin>keytool -list -v -keystore
E:\HMS_SDK_2.5.1.300\Sample\HMSSdkSample_2.5.1.300_AS\HmsSample\android.keystore.jks
3. Obtain the SHA-256 fingerprint from the result.
1.4 Configuring the Signing Certificate Fingerprint
Sign in to AppGallery Connect and select My projects.
Find your project from the project list and click the app on the project card.
On the Project Setting page, set SHA-256 certificate fingerprint to the SHA-256 fingerprint that is generated from the preceding section of Generating a Signing Certificate Fingerprint.
4. After completing configuration, click the check mark.
1.5 Enabling Required Services
l To use the Drive service, you must also enable the Account and Push services.
For details, please refer to Enabling Services.
Background:
I have integrated the HMS Core SDK for a game, and recently, submitted a game update for review, but it is rejected because the app signature differs from that of my released game.
I’ve written the following troubleshooting guide to help resolve this problem.
Troubleshooting
1. Check whether the current app version is the same as the previous version.
View the fingerprint certificate in the project.
a. Open the CLI and run the keytool -list –v –keystore [file path] command.
b. Enter the keystore password.
c. View the current signing certificate fingerprint.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
View the APK signature.
a. Run keytool -printcert -jarfile xxx.apk (APK file path).
b. The following information is displayed.
c. You can view the SHA-256 certificate fingerprint of the current APK. Check whether this value of the two app versions is consistent.
Then check whether the two fingerprints are consistent with that in your project.
2. If the certificate fingerprints are inconsistent, this can be caused by two different reasons. The first one is that the two APKs have been packaged using different signature files. If they are inconsistent, you should first check whether the .jks or keystore files used for app signing in the project are consistent. Or, you can check whether you have used keystore files from different environments or platforms.
Example:
The .jks or keystore files used for the debug and release environments are different. You need to ensure that each .jks or keystore file matches the environment. For example, you cannot configure the .jks or keystore file in debug to the release environment.
3. If the .jks or keystore files are consistent, you need to check whether an automatic process has been used for packaging and signing. If so, check whether DEX file encryption has been used, which can lead to inconsistent signatures.
Symptom
When I submitted my game to AppGallery Connect for check, the following message was displayed:
Error 28: Copy the assets directory of the HMS SDK to the app project's root directory.
CauseI submitted a ticket to Huawei technical support, and they told me that the problem occurred because no .bks certificate file was found in the packaged project.
You can also check whether there are .bks files in the project by using a decompiling tool to decompile the package. The following example shows that .bks files exist in the project.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
OutcomeUsually, when an app calls a service API provided by the HMS Core SDK, for example, the sign-in or payment API, if a user's phone does not have HMS Core (APK) installed or the APK version is too early, a pop-up will be displayed to prompt the user to install or update HMS Core (APK).
The .bks files in the app package ensure that the pop-up is displayed as expected. If such files are missing, service functions may fail to work properly.
Solution
If you use the Maven repository to integrate the HMS Core SDK in Android Studio, the certificate files are automatically stored in the assets directory of the APK.
If you download the HMS Core SDK package for local integration in Eclipse, the certificate files are included in the HMS Base Eclipse SDK package. You can manually copy the certificate files in the assets directory in each of the folder of the HMS Base Eclipse SDK package to your project's root directory by referring to the official documentation.
My project was developed using Eclipse, so I followed the instructions and copied the .bks files. Then, I submitted the package for check again and it passed.
907135701 is one of the most frequently reported error codes from HMS Core Account Kit. The official document describes the error as follows.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Both an Android project and a HarmonyOS project can report this error.
I myself have come across it several times and have summed up some of the causes and solutions for it, as follows.
From an Android ProjectCause 1: The app information is not configured in AppGallery Connect, and the app ID is not generated.
Solution: Configure the app information in AppGallery Connect.
To do this, first register as a Huawei developer and complete identity verification on HUAWEI Developers, as detailed here. Create a project and an app as needed and then obtain the app ID in AppGallery Connect.
Cause 2: The sign certificate fingerprint is not configured or incorrectly configured.
Solution: Verify that the fingerprint configured in AppGallery Connect and the fingerprint used during app packaging are consistent. You can configure the fingerprint by referring to this document.
Cause 3: agconnect-services.json is incorrectly configured, or this file is not placed in the correct directory.
Solution: Verify that the app IDs in agconnect-services.json and AppGallery Connect are the same, and copy the file to the app directory.
Also note that unless necessary, do not toggle on Do not include key in AppGallery Connect.
To re-configure the file, follow the instructions here.
From a HarmonyOS (Java) ProjectCause 1: agconnect-services.json is not placed in a proper directory.
Solution: Move the file to the entry directory.
Cause 2: The sign certificate fingerprint is not configured or incorrectly configured.
Solution: Verify that the fingerprint is configured as specified in Configuring App Signing. After obtaining the fingerprint, verify that it is consistent with that in AppGallery Connect.
Cause 3: The attribute configuration of config.json is incorrect.
Solution: Add the following content to module in the entry/src/main/config.json file of the HarmonyOS app. Do not change the value of name.
Code:
"metaData": {
"customizeData": [
{
"name": "com.huawei.hms.client.appid",
// Replace OAuth Client ID with your actual ID.
"value": "OAuth Client ID" //
}
]
}
Cause 4: The plugin configuration is incorrect.
Solution: Add the AppGallery Connect plugin configuration through either of these methods:
Method 1: Add the following configuration under the declaration in the file header:
Code:
apply plugin: 'com.huawei.agconnect'
Method 2: Add the plugin configuration in the plugins block.
Code:
plugins {
id 'com.android.application'
// Add the following configuration:
id 'com.huawei.agconnect'
}
ReferencesHMS Core Account Kit home page
HMS Core Account Kit Development Guide
About the ProblemAfter an app is integrated with the Health SDK, error code 50063 may be returned when you try to log in to and authorize the app on a HUAWEI phone.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
1. According to Health Kit development guide, error code 50063 indicates that API fails to be called because the installed HMS Core (APK) is not of the required version, which means, you need to update the HMS Core (APK) to the latest version and try again.
2. Uninstall the HMS Core (APK) from the phone, and install the latest version. If the error core 50063 is still returned, go the next step.
3. Call HuaweiApiAvailability#isHuaweiMobileServicesAvailable(Context context) and check the returned code. If the HMS Core (APK) has successfully been installed, the returned code should be 1.
4. Run the adb logcat > log.txt command to obtain complete logs for further troubleshooting.
TroubleshootingFilter the log by the keyword HMSSDK_, and you will find E/HMSSDK_X509CertUtil: Not include alias 052root.
This message indicates that, no 052root information is found in the hmsrootcas.bks certificate, which causes the verification to be failed, and therefore the login failure. In normal cases, if the SDK is integrated using the Maven repository, the hmsrootcas.bks certificate is automatically saved in the assets directory of the APK.
If no log is available, you can also check whether the hmsrootcas.bks file in the APK contains 052root using a tool.
Solution1. Check whether the hmsrootcas.bks file exists in the assets directory of the project. If so, delete it, and then the hmsrootcas.bks file will be automatically packed into the APK during app packaging.
2. If the hmsrootcas.bks file does not exist in the assets directory, or the problem persists even after you have deleted it and packaged the APK, manually integrate the BKS file containing the 052root information as follows:
Download the Health SDK.
Decompress the downloaded file, find the hmsrootcas.bks file in the following path, and integrate the file into the hmssdk-eclipse-6.9.0.300\Security-ssl\assets directory of the project.
3. Recompile the project.
ReferencesHMS Core Health Kit
Developer Guide
More FAQs About Integrating Health Kit