I am getting following error while generating certificates on my local machine.
C:\Users\abc>keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password:
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
I think there is some problems in jdk version.I ran the same command on my collegues machine and it is working fine.
Please share your inputs.
I solved it by using the default password for cacerts keystore : 'changeit'
This answer will be helpful for new Mac User (Works for Linux, Window 7 64 bit too).
Empty Password worked in my mac . (paste the below line in terminal)
keytool -list -v -keystore ~/.android/debug.keystore
when it prompt for
Enter keystore password:
just press enter button (Dont type anything).It should work .
Please make sure its for default debug.keystore file , not for your project based keystore file (Password might change for this).
Works well for MacOS Sierra 10.10+ too.
I heard, it works for linux environment as well. i haven't tested that in linux yet.
From your description I assume you are on windows machine and your home is abc
So Now : Cause
When you run this command
keytool -genkey -alias tomcat -keyalg RSA
because you are not specifying an explicit keystore it will try to generate (and in your case as you are getting exception so to update) keystore C:\users\abc>.keystore and of course you need to provide old password for .keystore while I believe you are providing your version (a new one).
Solution
Either delete .keystore from C:\users\abc> location and try the command
or try following command which will create a new xyzkeystore:
keytool -genkey -keystore xyzkeystore -alias tomcat -keyalg RSA
Note: -genkey is old now rather use -genkeypair althought both work equally.
According to the documentation:
The default password for the debug keystore is android.
I have solve this issue by using default password "changeit".
Using changeit for the password is important too.
This command finally worked for me(with jetty):
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass changeit -validity 360 -keysize 2048
In tomcat 8.5 pay attention to write the correct name of attributes. This is my code on server.xml:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/keystore" certificateKeystorePassword="mypassword" type="RSA"/>
</SSLHostConfig>
</Connector>
You can visit https://tomcat.apache.org/tomcat-8.5-doc/config/http.html to see all attributes
If you are working on signing your Flutter App by following this guide Build and release an Android app and run in to this error. I hope this answer helps you.
In my case I changed the path to store my key.jks. This happened to me because I there was an existing file in that path.
keytool -genkey -v -keystore ~/key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias key
This command stores the key.jks file in your home directory. To store it elsewhere, change the argument you pass to the -keystore parameter.
In my case,
keytool -genkey -v -keystore /Users/Y/Desktop/X/key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias keyYour
i.e Y - Username and X - folder name
Then you will be prompted to Enter keystore password: and Re-enter new password:. Here you can use whatever password you want.
However, keep the keystore file private; don’t check it into public source control!
Empty password worked for me on my Mac
keytool -list -v -keystore ~/.android/debug.keystore
hit Enter then It's show you
Enter keystore password:
here just hit Enter for empty password
Works on Windows
open command prompt (press Windows Key + R then type "cmd" without quotations in the appearing dialogue box and then press Enter Key).
then type the code sniff below :
cd C:\Program Files\Java\jdk1.7.0_25\bin
then type following command
keytool -list -keystore "C:/Documents and Settings/Your Name/.android/debug.keystore"
Then it will ask for Keystore password now. The default password is
"android" type and enter or just hit enter "DONT TYPE ANY PASSWORD".
Summarizing the advices from this page, I finished up with the following:
keytool -genkeypair -keystore ~/.android/release.keystore -alias <my_alias> -storepass <my_cert_pass> -keyalg RSA
Then I got a set of questions regarding name, organization, location and password for my alias.
Check your home folder ~/.gradle/gradle.properties. Sometimes if you have gradle.properties in home directory it takes details from the there. Either you can change that or delete the files. Then it will take required details from your local folder.
I fixed this issue by deleting the output file and running the command again. It turns out it does NOT overwrite the previous file. I had this issue when renewing a let's encrypt cert with tomcat
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
I solved my problem when I changed keystore path C:\MyWorks\mykeystore to C:\MyWorks\mykeystore.keystore.
In my case I was needed to have root access.
[root#localhost Certificate]# openssl pkcs12 -export -in
/opt/Certificate/115c99f4c5aa98f5.crt -inkey /opt/Certificate/ravi.in.key -certfile
/opt/Certificate/gd_bundle-g2-g1.crt -out RaviNew.p12
Enter Export Password: <Password>
Verifying - Enter Export Password: <Password>
Note :- Above Export Pasworrd write down anywhere because it is must to create JKS file ( It is depend on your choice what password you want to make )
keytool -importkeystore -srckeystore DigiEduNew.p12 -srcstoretype pkcs12 -destkeystore finaldigiEdu.jks -deststoretype JKS
Importing keystore DigiEduNew.p12 to finaldigiEdu.jks...
Enter destination keystore password: <Any Password >
Re-enter new password: <Any Password >
Enter source keystore password: <.P12 Password >
Entry for alias 1 successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or
cancelled
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12
which is an industry standard format using "keytool -importkeystore -srckeystore
finaldigiEdu.jks -destkeystore finaldigiEdu.jks -deststoretype pkcs12".
For me I solved it by changing passwords from Arabic letter to English letter, but first I went to the folder and deleted the generated key then it works.
In my case with Xamarin Forms 4.7 and Visual Studio 2019 16.7.0 Preview 3.1, the problem was version mismatch of lately updated Android Build tools (apksigner) and JDK. Updated JDK to latest and pointed the new JDK path on Tools->Options->Xamarin->Android Settings, and it works.
Just upgraded to Android Studio 4.2 from 4.0. Apparently, Android Studio silently CHANGED my keystore password, which has been sitting there unchanged and working perfectly without incident for well over a year.
Just had to re-renter both passwords.
Sigh
If you already have a .store file, you have to use the same password as you did to generate it. So in my case the solution was:
rm *.store
rm *.cer
That may sound odd to you but I'm just trying to learn about keytool and am source controlling my tutorial files and rerunning them later!
you have two options:
cmd doesn't show the password on the screen while typing
so just type the correct passwd -and be careful- then press enter.
Or
just use:
keytool -list -keystore 'keystoreName' -storepass 'type your keystore passwd'
and for Keys' full info, add -v:
keytool -v -list -keystore 'keystoreName' -storepass 'type your keystore passwd'
This answer is helpful for those who manage multiple keystores across different projects.
I had the same error and I noticed I was using a file keystore.jks with the password of another keystore.jks which throws this exception since the password doesn't match.
With openjdk I had the same problem.
After I updated openjdk to "11.0.17" the problem was gone.
Related
I'm currently busy building a ionic app. I am busy with facebook login and for me to register my app on the facebook developers dashboard i need to give info on the app.
One of them are that i need to generate a hash key. to do that i need to run the following command from within my java/bin
keytool -list -v -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey -storepass android -keypass android
then i get this error when i do that
keytool error: java.lang.Exception: Keystore file does not exist:
C:\Users\Reyno.android\debug.keystore
this basically means the file isnt there right.
So my question is how can i generate a new one without installing android studio. I know it wil generate a new one if i install android studio.
ref: Where is debug.keystore in Android Studio
Thanks in advance
I found a solution to this question after a bit of futher investigation. It's quite simple.
(1)Open your cmd as administrator
(2)navigate to your keytool directory. Mine was located at "C:\Program Files\Java\jdk-"
13.0.1\bin\keytool"
(3)enter the following command
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -
keysize 2048 -validity 10000
(4)answer the questions they ask, i'll list them below
Enter keystore password
Reenter keystore password
What is your first and last name?
What is the name of your organizational unit?
What is the name of your organization?
What is the name of your city?
What is the name of your state or province?
What is the two-letter country code for this unit?
They wil then just ask you to confirm if the details are correct, you can just type "Y" for yes. If you use "N" for no they wil ask you to complete the questions again.
(5)Go to your java jdk directory, in my case it was C:\Program Files\Java\jdk-13.0.1\bin\
Then search for a file called "my-release-key.keystore"
Please copy it and save it in a safe place you wil need to use it everytime you
publish or update your app.
Hope this helps someone
I am running calabash-android in a docker file and when I run the calabash test I got the error
/usr/local/bundle/gems/calabash-android-0.7.2/lib/calabash-android/java_keystore.rb:6:in `initialize': No such keystore file '/home/core/Android/debug.keystore' (RuntimeError)
I have tried this this and not working for me.
Edit
After setting up the path the error is like
/lib/calabash-android/java_keystore.rb:32:in `initialize': Could not list certificates in keystore. Probably because the password was incorrect. (RuntimeError)
It can be fixed by navigating to the /.android directory and remove the debug.keystore file if exist one and go try the command
keytool -genkey -v -keystore debug.keystore -alias androiddebugkey -storepass android -keypass android -keyalg RSA -keysize 2048 -validity 10000
And following that navigate to the directory where the feature files exist and setup the calabash android by using the command
calabash-android setup
The resign the new debug.keystore file using the command
calabash-android resign <apk path>
And finally we can run the test by using the command
calabash-android run <apk path>
There's an interesting thing to note. If your keystore password has $, then you need to escape it in .calabash_settings file.
Look at the content of this file:
{"keystore_location":"my-release-keystore.jks","keystore_password":"abc$123","keystore_alias":"MyAlias"}
If you leave "abc$123" like this, you should get an error. Then you should escape the password like the following example:
{"keystore_location":"my-release-keystore.jks","keystore_password":"abc\\$123","keystore_alias":"MyAlias"}
Take a look at \\ for escaping special characters.
I am developing a PhoneGap application through Eclipse on the Android platform. My code is ready and run perfectly.
Now, I already created a signed APK file in release mode. So, when I uploaded this keystore file on "build.phonegap.com", and clicked on Submit key, I got an error like this:
Error: extension did not match expected (keystore)"
I don't know what is going wrong in this. Is there a proper solution?
A command-line solution:
keytool -genkey -v -keystore yourappname.keystore -alias appnamealias -keyalg RSA -keysize 2048 -validity 10000
According to: This Post
When you are creating your keystore file in Eclipse make sure to manually set the file extension to ".keystore" - instead of the default file name with no extension.
What tools do we need to develop an Android keystore file?
The Android keystore file can be created in the Java Development Kit (JDK), and to download the installation file, click on this link: Install JDK.
How do we create the Android keystore file?
Standard procedure: First you need to open the command prompt as administrator
To go from a directory to its parent directory, write cd.. (push the Enter button). Keep doing it until you reach c:>.
When you are at c:/, write cd Program files (push the Enter button).
cd Java (push the Enter button).
cd jdk1.7.0_03 (push the Enter button).
cd bin (push the Enter button).
**keytool -genkey -v -keystore Your_personal_file_title.keystore -alias Your_personal_alias -keyalg RSA -keysize 2048 -validity 10000** (push the Enter button).
Remember to edit the two text file Your_personal_file_title and Your_personal_alias.
And enter your profile information.
Afterwards it will create your Android keystore file in your C:\Program files\Java\jdk1.7.0_03\bin directory, with the name you gave it…
You now have your keystore file and can activate it in whatever application you generate your Android apps in (for example, build.phonegap.com).
Please remember to use CMD as administrator.
You need to create your own .keystore file. To do this:
Open CMD
Type:
cd C:\java path\java\jdk7\bin
keytool -genkey -v -keystore yourappname.keystore -alias appnamealias -keyalg RSA -keysize 2048 -validity 10000
After that you will have a new release keystore.
I am trying to sign my Android app so I can release it in Market. When I generate the keystore, I get an access denied error. How do I fix this?
This is what I've been trying to do:
Right click project in Eclipse Helios.
Android Tools > Export Signed Application Package.
Click next.
I check "Create new keystore" and realize it does nothing to help me. It still asks for the location of keystore. So I decide to do it the hard way.
Turned off read-only access on C:\Program Files\Java\jdk1.6.0_25\bin and granted the CREATOR OWNER group full control of the folder.
Open command line on Windows 7 64-bit.
Traverse to C:\Program Files\Java\jdk1.6.0_25\bin.
Run keytool.
Got an access denied error.
.
C:\Program Files\Java\jdk1.6.0_25\bin>keytool -genkey -v -alias company -keyalg R
SA -keysize 2048 -validity 10000 -keystore company.keystore
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: John Smith
What is the name of your organizational unit?
[Unknown]: Android
What is the name of your organization?
[Unknown]: Company
What is the name of your City or Locality?
[Unknown]: Albany
What is the name of your State or Province?
[Unknown]: NY
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=John Smith, OU=Android, O=Company, L=Albany, ST=NY, C=US correct?
[no]: yes
Generating 2,048 bit RSA key pair and self-signed certificate (SHA1withRSA) with
a validity of 10,000 days
for: CN=John Smith, OU=Android, O=Company, L=Albany, ST=NY, C=US
Enter key password for <veetle>
(RETURN if same as keystore password):
Re-enter new password:
[Storing company.keystore]
keytool error: java.io.FileNotFoundException: veetle.keystore (Access is denied)
java.io.FileNotFoundException: veetle.keystore (Access is denied)
at java.io.FileOutputStream.open(Native Method)
at java.io.FileOutputStream.<init>(FileOutputStream.java:194)
at java.io.FileOutputStream.<init>(FileOutputStream.java:84)
at sun.security.tools.KeyTool.doCommands(KeyTool.java:902)
at sun.security.tools.KeyTool.run(KeyTool.java:172)
at sun.security.tools.KeyTool.main(KeyTool.java:166)
Edit:
Everytime I check the folder permissions, I see that it has reverted back to read-only. There were no errors whenever I turned off read-only.
Below steps worked for me:
Run command prompt as administrator
Unchecked the read only options in C:\Program Files\Java\jdk1.6.0_25\bin This may not be required
keytool -genkey -v -keystore d:\my_private_key.keystore -alias my_key_alias -keyalg RSA -keysize 2048 -validity 10000
Tell it to create it in drive D:.
It does help you. You have to specify the location of the file that will be generated. For example specify C:\Documents and Settings\loginname\market.keystore
Access denied because you are not an admin.
Simply open the cmd prompt as an administrator - that worked for me.
The keystore that the Android SDK needs access to is not the same of the JDK. You can simply use the "create new keystore" option of the Android wizard and choose any folder you have write access to: the wizard will create there a new keystore. You don't need to use keytool form JDK.
opening Command Prompt as a Administrator helped me.(For Windows 8.1)
I had the same problem. You need to define your JAVA_HOME environment variable.
Read the "Basic Setup for signing" paragraph of this link : http://developer.android.com/guide/publishing/app-signing.html#setup
It says:
Before you begin, make sure that the Keytool utility and Jarsigner utility are available to the SDK build tools. Both of these tools are available in the JDK. In most cases, you can tell the SDK build tools how to find these utilities by setting your JAVA_HOME environment variable so it references a suitable JDK. Alternatively, you can add the JDK version of Keytool and Jarsigner to your PATH variable.
If you are developing on a version of Linux that originally came with GNU Compiler for Java, make sure that the system is using the JDK version of Keytool, rather than the gcj version. If Keytool is already in your PATH, it might be pointing to a symlink at /usr/bin/keytool. In this case, check the symlink target to be sure it points to the Keytool in the JDK.
Fixing the problem on win7 (yuk) without Eclipse:
i have the environment variable JAVA_HOME set to ..../JDK1.7.0_03 (android programmed from GLbasic), and i did only 2 things to fix the problem:
1) in the folder ..../Java/JDK1.7.0_03 i removed the "read-only" permission of the /bin sub-folder, which contains keytool.exe.
2) i opened the console "as administrator" (although it's the only account on my win7).
then you do cd...JDK / bin, run again keytool.exe, and you get the file nickname.keystore auto-generated in JDK / bin.
Once everything is done you could re-assign the "read-only" permission.
Good luck!
Running eclipse as administrator solve the problem, then type the following:
keytool -genkey -v -keystore NAME-mobileapps.keystore -alias NAMEmobileapps -keyalg RSA -keysize 2048 -validity 10000
Hope it help?
It does help you when you open a cmd as an administrator.
run cmd as administrator
go to the file: C:\Program Files\Java\jdk-17.0.5\bin>
type this command:
.\keytool -genkey -alias bootscurity -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore bootsecurityp.12 -validity 3650
check the folder: C:\Program Files\Java\jdk-17.0.5\bin
and it will find your key named "bootsecurityp.12"
chagning read only on windows 7 helped me. don't forget the default password "changeit"
If you are using Windows 7, make sure you are running eclipse as an administrator.
Make sure there is no other keystore file at this location C:\Program Files\Java\jdk1.6.0_25\bin. If there is, keep it somewhere else and try the command again:
keytool -genkey -v -keystore d:\my_private_key.keystore -alias my_key_alias -keyalg RSA -keysize 2048 -validity 10000
Seems that it's easier to accomplish it in command line via keytool and the latest genkeypair approach. I finished up with the following:
keytool -genkeypair -keystore ~/.android/release.keystore -alias <my_alias> -storepass <my_cert_pass> -keyalg RSA
Then I got a set of questions regarding name, organization, location and password for my alias and that was it!
If you are on Mac, Add "sudo" at the beginning of your command "keytool -genkey -v -keystore my-release-key.keystore -alias my-key-alias -keyalg RSA -keysize 2048 -validity 10000"
I got this problem running on linux. The solution was to specify the path relative to the root directory (/), rather than relative to home (~).
I have built a new development machine and installed Android SDK. I tried to obtain the Android MD5 debug fingerprint but cannot seem to get it to generate. I have deleted the debug.keystore to create a new one and only the SHA1 fingerprint is present.
Please advise
Here is my debug.keystore contents:
c:>"C:\Program Files\Java\jdk1.7.0\bin\keytool" -list -keystore "C:\users\me\.android\debug.keystore
Enter keystore password:
******* WARNING WARNING WARNING *******
* The integrity of the information stored in your keystore *
* has NOT been verified! In order to verify its integrity, *
* you must provide your keystore password. *
******* WARNING WARNING WARNING *******
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
androiddebugkey, May 2, 2011, PrivateKeyEntry,
Certificate fingerprint (SHA1): F8:A5:0E:DD:61:5D:FC:86:D9:33:13:48:30:E0:EF:37:
47:81:60:EF
c:>
I am running Windows7 64 bit. The MD5 fingerprints are also not showing in my production keystore that I restored from a backup from the previous system (WindowsXP SP3).
Follow these steps:-
c:>cd "C:\Program Files\Java\jdk1.6.0\bin>keytool" -list -keystore "C:\users\me.android\debug.keystore"
*note :- Replace me with your username
after this you get MD5 ,
Copy that MD5 paste it in https://developers.google.com/maps/documentation/android/v1/maps-api-signup
and generate API KEY for map, use that API KEY in main.xml file.
May it helps you.
Reply if not works
Your command yhould be for the debug certificate :
"C:\Program Files\Java\jdk1.7.0\bin\keytool" -list -alias androiddebugkey -keystore "C:\users\me\.android\debug.keystore" -storepass android -keypass android
(from : http://code.google.com/android/add-ons/google-apis/mapkey.html)
I found the answer. There is another post on SO (Link) that states that rolling back from
jdk-7-ea-bin-b140-windows-x64
to
jdk-6u25-windows-x64
resolves the issue. THIS WORKED FOR ME!
dranfi, your answer is technically correct, but that's what I used in the first place.
jdk-7-ea-bin-b140-windows-x64 obviously has some issues to resolve.
I perhaps should have stated the javaSDK version in the first place -sorry!
Java 7 (1.7.0) changed the default output from the keytool command. See JDK 7 changes keytool output .
Add the -v option to print all possible fingerprints, so complete command will look like this, then select the MD5 output:
keytool -v -list -alias androiddebugkey -keystore ~/.android/debug.keystore -storepass android -keypass android