After upgrading to Android 5.0 (Lollipop), a number of my apps disappeared. Trying to re-install them from the market resulted in a -505 error. This problem is most common with cross-platform Adobe AIR apps, more specifically, apps signed with an SHA1 generation with some certificates. The upgrade to Lollipop doesn’t correctly translate these specific keystores. When the apps disappear, the mismatched keystore sits around in memory preventing the app from being re-installed.

Update: Blog post from Adobe acknowledging the problem. Android 5.0.1 should resolve this issue without any action needed from developers. The release date for this is still TBD.

This impacts some very high profile games and can also impact in app purchases. Since the root cause is with the certificate, this isn’t limited to AIR apps. Native apps are much less likely to be using one of these keystores but it may be worth testing either way. Instructions on how to validate your key:

“You can run the following commands on the META-INF/CERT.RSA from your signed APK file to check if your key is affected by this issue:

> keytool -printcert -file CERT.RSA
> openssl pkcs7 -inform DER -in CERT.RSA -outform PEM -out CERT.PEM -print_certs
> keytool -printcert -file CERT.PEM

The two keytool commands print out the fingerprints. If they do not match, the key is affected by this issue.”


The only solution I’ve seen is to manually uninstall each affected package via ADB. After doing that, I was able to re-install the apps directly from the market. Not exactly something an average user should be expected to do but it’s better than nothing. Let’s hope that Google is able to resolve this with an OS update in the near future.