DEV Community

HarmonyOS
HarmonyOS

Posted on

How to solve the manual signature issue

#harmonyos #manualsigning #digitalcertificate #profilefile

Read the original article:How to solve the manual signature issue

How to solve manual signature issue

Problem Description

Manual signing fails during local debugging or packaging.

Background Knowledge

HarmonyOS apps and Ability packages ensure integrity through digital certificates (.cer files) and Profile files (.p7b files). Before applying for digital certificates and Profile files, you first generate a key (stored in a .p12 keystore file) and a certificate signing request file (.csr) via DevEco Studio. Then, apply for debug digital certificates and debug Profile files. Finally, configure the key (.p12), digital certificate (.cer), and Profile (.p7b) files into the project.

  • Key (.p12): Contains the public and private keys used in asymmetric encryption, stored in the keystore file. The key pair is used for digital signing and verification.
  • Certificate Signing Request (CSR, .csr): Contains the public key from the key pair and information such as common name, organization name, and organizational unit. It is used to apply for digital certificates on AppGallery Connect.
  • Digital Certificate (.cer): Issued by Huawei AppGallery Connect.
  • Profile File (.p7b): Includes the app or Ability package name, digital certificate info, list of certificate permissions the app/Ability is allowed to request, and a list of devices permitted for debugging (empty for Release type apps). Every app or Ability package must include a Profile file.

Troubleshooting Process

Generate the keystore and CSR files: Ensure the .p12 and .csr files are correctly generated.

Apply for certificates: Use the CSR to apply for debug/release digital certificates (.cer) on AppGallery Connect.

Apply for Profile files: Download debug/release Profile files (.p7b) from AppGallery Connect.

Check restricted permissions:

  • If the app uses restricted permissions, apply for restricted ACL permissions.
  • Add the permissions in the module’s module.json5 or config.json file. Example for ohos.permission.ACCESS_IDS: 
{
  "module": {
    ...
    "requestPermissions": [{
      "name": "ohos.permission.ACCESS_IDS"
    }],
    ...
  }
}
Enter fullscreen mode Exit fullscreen mode

Verify the signing files:

  • Ensure the correct debug certificates are used during local debugging (not release certificates).
  • Re-sign or replace the .p12, .csr, .cer, and .p7b files from AppGallery Connect if issues occur.

Solution

  • Follow the correct signing process: generate .p12 and .csr → apply for .cer → apply for .p7b → configure files in project.
  • Ensure restricted permissions are correctly added if required.
  • Always verify that the debug certificate is used for local debugging.
  • Replace or re-sign files from AppGallery Connect to resolve most manual signing issues.

Verification Result

Manual signing should succeed after following the above steps, allowing local debugging and packaging to proceed without errors.

Related Documents or Links

https://developer.huawei.com/consumer/en/doc/harmonyos-guides-V5/ide-signing-V5#section297715173233

Written by Emine Inan

Top comments (0)