Android 'Application not Installed' java.lang.SecurityException [invalid digest for] or [Package ... has no certificates at entry]

07 August 2013
By Gonçalo Marques
How to solve Android 'Application not Installed' caused by java.lang.SecurityException [invalid digest for] or [Package ... has no certificates at entry] when we sign an Android APK and install it in an Android device.

The Problem

We sign an Android application (APK) using jarsigner signing tool. While installing the signed APK in an Android device we get the following exception in LogCat:

Exception reading res/drawable/[some_resource].xml in /data/app/vmdl125026663.tmp
java.lang.SecurityException: META-INF/[YOUR_APP].SF has invalid digest for res/layout/[some_resource].xml in /data/app/vmdl125026663.tmp
at java.util.jar.JarVerifier.invalidDigest(
at java.util.jar.JarVerifier.verifyCertificate(
at java.util.jar.JarVerifier.readCertificates(
at java.util.jar.JarFile.getInputStream(
at android.os.Handler.handleCallback(
at android.os.Handler.dispatchMessage(
at android.os.Looper.loop(
Package has no certificates at entry res/drawable/[some_resource].xml; ignoring!
GC_EXPLICIT freed 2798K, 26% free 17142K/23139K, paused 5ms+15ms

The Solution

One of the common causes of the problem mentioned above is the usage of JDK 1.7 to sign the APK.

A possible solution is to include the following arguments in your jarsigner command:

-digestalg SHA1 -sigalg MD5withRSA

Other solution is to run jarsigner from JDK 1.6.

Related Articles


About the author
Gonçalo Marques is a Software Engineer with several years of experience in software development and architecture definition. During this period his main focus was delivering software solutions in banking, telecommunications and governmental areas. He created the Bytes Lounge website with one ultimate goal: share his knowledge with the software development community. His main area of expertise is Java and open source.

GitHub profile:

He is also the author of the WiFi File Browser Android application: