This technote addresses the installation issue of Adobe AIR applications after 30th Oct 2017 that is signed with SHA1 certificate. It is applicable to both Windows and Mac.
When you install your AIR application, the installation fails with the below error. The error dialog is a generic installation failure message that could occur for various reasons. One of them is due to signature validation failure.
Who should use this solution?
If your developed AIR application fails to install after 30th Oct 2017.
Follow the steps below to verify if the signature validation failure is the cause of the installation failure:
- Open the application installation logs. The location of the log files for different platforms is mentioned in the article: https://helpx.adobe.com/air/kb/logging-air-2-desktop-application.html
- If the installation log contains the error: “Package signature validation failed”, it indicates that the application is signed with SHA1 certificate.
- Set your system date to a date prior to 30th Oct 2017, and try to install the application again. Successful installation confirms that your application is impacted by the signature validation issue.
You will have to re-sign your Adobe AIR application. Follow the steps below to re-sign your application:
- Rename your Adobe AIR application by changing its extension from .air to .zip. In case you don’t see the extension in the filename, enable the filename extension before renaming the application.
- Extract the .zip file renamed in Step 1.
- Go to the extracted folder and perform the following modifications (in the order specified):
- Move xml present inside META-INF\AIR\ folder to the root of the extracted folder.
- Delete “META-INF” folder.
- Delete “mimetype” file located in the root of the extracted folder.
- Download the latest AIR SDK for your platform from http://www.adobe.com/devnet/air/air-sdk-download.html.
- Locate the AIR SDK archive file downloaded in Step 4 and extract the AIR SDK Compiler (if on Windows) or mount the AIR SDK Compiler dmg (if on Mac).
- Open the command prompt and change the current working directory to the root directory of the extracted AIR application directory.
- Use the command below to re-package the AIR application with a new certificate:
<AIR_SDK_compiler_path>\bin\adt –package -storetype pkcs12 -keystore <app_signing_certficate_path> myApp.air application.xml .
Command line parameters:
- AIR_SDK_compiler_path – Location of AIR SDK compiler extracted or mounted in Step 5.
- app_signing_certficate_path – Fully qualified path of your application signing certificate. Make sure you are using SHA256 certificate.
- myApp.air – Name of the application to be packaged.
- application.xml – The file that was moved in Step 3.A
When prompted, enter the password of your application signing certificate.
Do not ignore the . (dot) at the end of the packaging command above. It is used to package all the resources present in your existing application. For more details on packaging AIR applications, refer https://help.adobe.com/en_US/air/build/WS901d38e593cd1bac1e63e3d128cdca935b-8000.html.