UPDATE 20th April 19:15:

It appears the same issue with the token regenerisation is still happening :(

The latest version of the app installed okay with the new permission after uninstalling.

The only reason I can think of for the 'different signature' problem to have happened, is if I had uninstalled the clover signed app, and reinstalled directly from a sideloaded version. However I'm using the same signing for both, so I'm not sure how that works either?

Original Question 20th April 19:00:

My sandbox clover app updater is failing for a new version of my APK I'm getting this on logcat:

W/PackageManager: New package has a different signature: <my apps package name...>

I initially uploaded an APK via the sandbox clover website, and installed to get permissions to use the API.

I have since been sideloading, but now need to add to the permissions, so I've checked the new ones and uploaded a new APK with the same signing and key. The upload works fine, and even reaches the App Updater app on clover mini (real physical dev kit) but almost instantly shows 'Install Failed'

I have tried:

  1. Another signing to see if it was that, but as expected I couldn't even get the APK to upload as they didn't match
  2. Signing with only v1 signing ticked in the new android studio signing options (It now allows v2). This also didn't change anything
  3. Multiple restarts and app updater and app store cache clears (Until I found the log above confirming it was something specific)

I have yet to try an uninstall, as I recently hit an issue with token regeneration after an uninstall.

I'll probably trigger it now, and hope that issue is faster than 24hrs this time. I'd still love to know if i'm doing something wrong here, and whether there's anything I need to know about updating permissions on production after an initial app release.

Thanks, Alan

asked 2017-04-20 13:15:04 -0500

Alan gravatar image

updated 2017-04-20 13:22:57 -0500


App updates and tokens are not related. If you sideloaded your APK, you are always going to get this since it won't be signed with the Clover store signature.

jeff gravatar image
jeff 2017-04-20 15:17:04 -0500

Hi Jeff, are you saying if I install an app from the clover app store, then sideload on top of that, that i can't later update from the app store? Was there another option other than uninstalling the app after sideloading over the app store install, to get the updated permissions?

Alan gravatar image
Alan 2017-04-20 16:51:31 -0500

You cannot install any app on top of the same app unless it's signed identically. I can't really say anymore without knowing how you sign your apps and with what keys. The log you pasted seems to indicate the problem however. It's not related to tokens. The fix for tokens has not been released yet. The workaround is to uninstall (from the store) and re-install (from the store). Sideloading is not going to do it.

jeff gravatar image
jeff 2017-04-20 17:05:51 -0500

The token thing is fine, I understand why and the workaround. My question was about the error I got from: AppStore install->sideload->appstore update

I'm able to sideload over an app store install but not update over that same sideload. That wouldn't be a huge deal if it wasn't for the 24hr auth token issue that comes with uninstalling. Does that make sense?

Alan gravatar image
Alan 2017-04-20 17:16:42 -0500

Yes, makes sense.

jeff gravatar image
jeff 2017-04-20 17:26:05 -0500

1 answer

Sort by  

Your locally-signed APK will not have the same signature as the APK installed from our app store. For security reasons, we add additional signatures beyond your developer signature. The only solution I know of here is to manually uninstall the app store installed APK and then sideload your APK.

answered 2017-05-08 09:58:52 -0500

jeff gravatar image

And just to note, currently uninstalling apps causes API tokens to expire and not regenerate properly for up to 24hrs. So best to plan uninstalls at the end of the work day @Pavan . However, It's possible to generate an API token manually from the merchants settings, so you're not left too stuck if you're using the API. It's just painful to simulate/test initially getting auth tokens during clean installs.

Alan gravatar image
Alan 2017-05-08 10:18:47 -0500

@Alan thanks the token generating issue i getting in clover station where i am using android sdk to get auth token then clover team suggested to use me forceful auth token here is link may be help it to u using this my token issue is solved


Pavan gravatar image
Pavan 2017-05-08 10:40:22 -0500

Thanks @Pavan

Alan gravatar image
Alan 2017-05-08 10:44:47 -0500