Android wrap completes but app cannot be used

Document ID : KB000098325
Last Modified Date : 29/05/2018
Show Technical Document Details
Issue:
The app wrapping process completes but the app cannot be used.
Key parts of the wrapping output below:

$ ./wrap.sh -a "myapp.apk" -p "myapp.plist"


Validating Inputs :
******************************
checking for /axa/ca/aoPlatform/java/jre1.8.0_151/bin/jarsigner ...
Jarsigner is not present , wrapping without signing.

/axa/ca/aoPlatform/java/jre1.8.0_151/bin/java -jar ca-maa-android-sdk-wrapper-17.3.jar -apk myapp.apk -plist myapp.plist -rules AUTO_DETECT -signconfig emm/conf/jarsigner.properties -disablejsinterception false -buildtype release -nosign release -forcemultidex false

{when wrapping process is completed}

warning: wrapped apk is not signed. Please sign with your certificate.

 
Environment:
APM 17.3
Cause:
When trying to run the wrapped apk, we may get an error such as "failed to install myapp.apk: Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES: Failed to collect certificates from /data/app/vmdl738038351.tmp/base.apk: Attempt to get length of null array]"
This means that the apk was not signed properly
Resolution:
The jarsigner utility is present in the JDK but not the JRE - particularly not the JRE provided for AXA software.
Because jarsigner cannot be found, the wrapping process is automatically configured to use the -nosign flag.
The solution is to make sure the wrapper is using a JDK which will have jarsigner in the bin folder.

Notes about the importance of signing:
Every app (.apk) needs to be code signed to be accepted in to the Google Play store. This is a way for Google/Android to identify the publisher of the app. Normally, during app development, the application will be signed by a dummy (self-signed certificate) and when it is ready for release to the Play Store, it is signed by the company's enterprise certificate.
Signing is normally baked in to the IDE's that is used (Android studio) and hence it is rather seamless. 

Now when we wrap an application, we make changes to the apk bits directly (instrumentation) and that requires us to re-sign for it to be deployed on to a device/simulator.
If it is just for local development, don't give the -nosign option, so that the wrapping process will sign it with a temp/dummy certificate that we bundle with our SDK.
But if it is for a release in to the store, then give the -nosign option, which will result in an unsigned apk, that then needs to be signed manually with the company's enterprise certificate before it can be published.