The principle and effect of signature verification for offline packages are as described in Offline package introduction. The failure of signature verification does not directly cause an H5 application to be unavailable, but the H5 container will be unable to locally obtain the resources of the H5 application. All traffic falls back to the online CDN, which affects user experience and system performance to some extent.
- You can open the offline package application only when the network is connected.
- The H5 application is loading slowly.
Check whether the console enables signature verification for offline packages (the private key used to create signatures for offline packages has been uploaded).
Check whether the H5 container on the client enables signature verification for offline packages.
The common configuration combinations and results are as follows:
- ⚠️Console ON/Client ON: Signature verification may fail due to the mismatch of the private key for verifying signatures.
- ❓Console ON/Client OFF: The problem may not be related to signature verification.
- ❌Console OFF/Console ON: The signature verification is bound to fail.
- ❓Console ON/Console OFF: The problem may not be related to signature verification.
⚠️Note: Whether the configuration of signature verification on the client takes into effect is a checkpoint that is easy to be ignored.
Grab Charles and Fiddler data packets to confirm an amr file download and check whether fallback traffic exists.
- ⚠️If the amr file corresponding to the offline package is being downloaded, and fallback traffic exists, the signature verification may fail.
- ❌If no amr file is being downloaded, but fallback traffic still exists, you cannot completely exclude other reasons, for example, the offline package fails to be preset or downloaded.
View client log to determine the result of signature verification.
signature verify resultin the Android client log to determine whether signature verification failure exists according to the context of the log.
Double-check the configuration of signature verification for offline packages based on the document. Confirm the private key uploaded by the console matches the public key configured on the client.