In Huawei App Gallery I have to update an existing aab application. Site redirects me to App signing page and there are steps that I have to follow in order to sign the app successfully. These are the steps provided:
Obtain the pepk.jar file from the Internet or another legitimate source.
Export and encrypt your private key and public key certificate into a ZIP file. Parameters in bold must be replaced as needed. Then, enter your data storage location and key password as prompted.
java -jar pepk.jar --keystore test.jks --alias test --output=output.zip --encryptionkey=<some_encryption_key> --include-cert
Upload the ZIP file containing the private key and public key certificate. (The ZIP file contains only certificate.pem and encryptedPrivateKey.)
Now I have 2 problems.
First one is, when I run the code in 2nd step in CMD. I get include-cert flag is not provided error. However when I write --include-cert=certificate.pem or --include-cert certificate.pem it says flag is unrecognized.
Second one is, I put certificate.pem and private key to folder and then turn it into ZIP. But when I click on submit it gives me Make sure the package contains only the certificate.pem and encryptedPrivateKey files error. Is not encryptedPrivateKey is the file that is exported by AndroidStudio when you generate an app bundle or Apk into the same location with .pepk extension?
I don't know what am I missing in order to sign my application. Any help would be appreciated, thanks in advance
If "No value provided for flag: include-cert" is displayed, the pepk.jar file is incorrect. You need to replace it with a correct one.
https://developer.huawei.com/consumer/en/doc/development/AppGallery-connect-Guides/agc-appsigning-faq-0000001052944432
I get include-cert flag is not provided error. However when I write --include-cert=certificate.pem or --include-cert certificate.pem it says flag is unrecognized.
It is recommended that you do not change the command and follow the commands in the document.
You could click here to try out.
And this is the App Signing Operation Guide video for reference.
it's my first time using bitbucket pipelines, I want to build an signed apk, I have the script, it generates the apk already, however, it seems there is something wrong on the signature, I've been trying to figure out why but I have had any success.
As you see on the script above, I'm generating the apk, I've created some repository variables to pass the signature data, so once the apk is ready, I use the following command to verify the apk signature :
keytool -printcert -jarfile app-debug.apk
then I see the signature data does not match with the apk signed by the ide (using the same certificate,jks, passwords and alias)
I hope any of you can help me, thanks.
I had a similar issue, be sure you are correctly encoding/decoding your .jks file...
encode:
base64 -w 0 my_keystore_file_name.jks > envout.txt
copy the contents of envout.txt to $DEBUG_STORE_FILE_BASE64 repository variable. Meaning you open envout.txt (in notepad or something) select all ctrl+a and copy ctrl+c
decode:
echo $DEBUG_STORE_FILE_BASE64 | base64 -d > my_keystore_file_name.jks
it may not matter, but $DEBUG_STORE_FILE should just be filename, and if you still have issues you could try to not use a secured repository variable, or move the file after its created:
mv $DEBUG_STORE_FILE keys/$DEBUG_STORE_FILE
or
cp $DEBUG_STORE_FILE keys/$DEBUG_STORE_FILE
Using Xamarin.Android 10.3 I'm trying to sign a Release package from Visual Studio 16.6.5. In order not to include the password as plaintext on the csproj file, I've added a file in the project folder called Pass.txt and exluded it in the git.ignore file
But when it comes to the signing process it fails with:
Failed to load signer "signer #1"
java.io.IOException: Failed to read Key "myapp" password for signer #1 : end of file reached in C:\Users\myuser\source\repos\MyApp.Xamarin\Pass.txt
If I remove the file:Pass.txt and past the password it works fine.
According to this release we can use file: in Xamarin 10.1 an later.
<PropertyGroup>
<AndroidSigningStorePass>file:C:\Users\Windows User\AndroidSigningPassword.txt</AndroidSigningStorePass>
<AndroidSigningKeyPass>file:C:\Users\Windows User\AndroidSigningPassword.txt</AndroidSigningKeyPass>
</PropertyGroup>
Missed "Note that if the same file is specified for both settings, the file must contain two lines. The first line must be the keystore password, and the second line must be the alias password. – Fritjof Berggren just now"
Adding the password twice on the file fixed it
Sometimes the issue just fixes and you well never know how.
This is what I did and it is fixed.
Goto Tools>> Android >> Android ADB Command Prompt
Type C:\Android\SDK>adb remove {your Package Name}
Clean Project
Build in Release Mode
after that clean and rebuild in Debug mode.
For me this issue was that I have the folder in One Drive and I have set the option for saving space, so I just have the link in my machine,as soon as I download the file, it works
I'm developing android app under intellij and gradle. and using following way to generate keystore file:
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
then used the keystore file in build.gradle:
signingConfigs {
robert {
storePassword 'robert'
storeFile file('/Users/bournewang/Documents/Project/android.keystore')
keyPassword 'robert'
keyAlias 'mike'
}
}
when finally trying to generate signed apk file: ./gradlew assembleRelease
it gives the error:
Execution failed for task ':Myexample:packageRelease'.
Failed to read key from keystore
In order to find out what's wrong you can use gradle's signingReport command.
On mac:
./gradlew signingReport
On Windows:
gradlew signingReport
Check your keystore file for first, in you example you creating file with name my-release-key.keystore. If its correct and really present in folder Users/bournewang/Documents/Project check alias, in your example it is -alias alias_name, but in config you specified alias mike
Most likely that your key alias does not exist for your keystore file.
This answer should fix your signing issue ;)
Removing double-quotes solve my problem, now its:
DEBUG_STORE_PASSWORD=androiddebug
DEBUG_KEY_ALIAS=androiddebug
DEBUG_KEY_PASSWORD=androiddebug
In my case, while copying the text from other source it somehow included the space at the end of clipboard entry. That way the key password had a space at the end.
For me this worked.
Go to <your_app_name>/android.
On the terminal use ./gradlew signingReport for Mac OS and gradlew signingReport for Windows.
Check if each element of each task has a Variant, Config, Store, Alias, MD5, SHA1, SHA-256, Valid until. If so you should be good.
If any of the above are absent then try to regenerate the key store by following the instructions on this page.
Copy the key store file and paste it inside <your_app_name>/android/app.
Some things that I was doing wrong while generating the key store file were.
Using quotations on MYAPP_UPLOAD_..._PASSWORD's.
MYAPP_UPLOAD_STORE_PASSWORD="Password123"
MYAPP_UPLOAD_KEY_PASSWORD="Password123"
I used \J4ct#RD as a password and it did not work. I later changed the password to something that was just aplphanumeric and it worked.
In Android Studio go to Build > Clean Project then re-generate signed APK using Build > Generate Signed Bundle / APK... and then clear password-fields and re-enter your passwords
For someone not using the signing configs and trying to test out the Cordova Release command by typing all the parameters at command line, you may need to enclose your passwords with single quotes if you have special characters in your password
cordova run android --release -- --keystore=../my-release-key.keystore --storePassword='password' --alias=alias_name --password='password'
The big thing is either the alias or the other password is wrong. Kindly check your passwords and your issue is solved. Incase you have forgotten password, you can recover it from the androidStuido3.0/System/Log ... Search for the keyword password and their you are saved
Make sure you have correct the folliwn
keystore file path
keystore alies name
keystore password
keystore in android/key.properties
in my case for some reason, after updating android studio to the last stable version, the password that was always by default got changed, i just had to set correct password again and it worked
Depending on where you generated the keyfile, keytool might refer to a different binary, running on a different JVM version. These are not necessarily compatible, try adjusting the versions.
I got same error today.
Execution failed for task ':app:packageRelease'.
A failure occurred while executing com.android.build.gradle.tasks.PackageAndroidArtifact$IncrementalSplitterRunnable
com.android.ide.common.signing.KeytoolException: Failed to read key news from store "E:\keystore\news.jks": Keystore was tampered with, or password was incorrect
I had same key password and key store password. But i wrote a wrong password.
It could be any one of the parameter, not just the file name or alias - for me it was the Key Password.
I have forgotten my Keystore password and I don't really know what to do anymore (I can't or won't give any excuses for it). I want to update my app because I just fixed a bug but it's not possible anymore. What happens if I use the same Keystore but create a new key? Would I still be able to update the app and if it's not possible, how can I go about giving information to users about the updated version?
If anybody has had a problem like this or has come across troubles, what advice can you give to help remedy the situation? Fortunately, it is a free app.
Just encountered this problem myself - luckily I was able to find the password in some Gradle's temporary file. Just in case anyone lands here:
try looking for this file
..Project\.gradle\2.4\taskArtifacts\taskArtifacts.bin
or
.gradle/3.5/taskHistory/taskHistory.bin
.gradle/5.1.1/executionHistory/executionHistory.bin
.gradle/caches/5.1.1/executionHistory/executionHistory.bin
.gradle/5.1.1/executionHistory/executionHistory.bin
.gradle/3.5/taskHistory/taskHistory.bin
.gradle/2.10/taskArtifacts/taskArtifacts.bin
and search for
storePassword
It was there in cleartext. In general, if you do remember at least a part of your password, try searching for a file containing this substring and hopefully you will fish out something.
Wanted to throw it out here, maybe it will eventually help someone.
Edit: Added new insight from comments, just to be more visible.
Edit 2: Added some more locations reported in comments.
Thanks to Vivek Bansal, Amar Ilindra and Uzbekjon for these.
See this link
It's unfortunate, but when you lose your keystore, or the password to your keystore, your application is orphaned. The only thing you can do is resubmit your app to the market under a new key.
ALWAYS backup up your keystore and write the passwords down in a safe location.
Brute is your best bet!
Here is a script that helped me out:
https://code.google.com/p/android-keystore-password-recover/wiki/HowTo
You can optionally give it a list of words the password might include for a very fast recover (for me it worked in <1 sec)
In case a wrong password is provided, even just once, it keeps saying on next attempts:
Keystore tampered with or password incorrect.
Even when you provide the correct one. I tried it several times, maybe it's some kind of protection.
Close the export wizard and start it again with the correct password, now it works :)
Finally i found the solution after spending two days...
Follow these steps:
Go to project
In .gradle find your gradle version folder in my case it was 4.1 (Refer pic)
expand the 4.1 folder and then in taskHistory folder you will find taskHistory.bin file.
Open taskHistory.bin file in android studio itself.
Search for ".storePassword" .. That's it you got your keystore password.
This really worked to me.
Try this and happy coding!!!
SOLUTION 2019 (Windows, Android Studio 3.3, gradle 4.10):
This solution only works if "Remember password" checkbox was previously marked.
First of all taskArtifacts.bin don't exist for this version of gradle and idea.log shows asterisks for passwords. This was old days solutions that doesn't worked to me.
Where I found the clear text passwords: C:\Users\{username}\AndroidStudioProjects\{project}\app\build\intermediates\signing_config\release\out\signing-config.json
Keys: mStorePassword and mKeyPassword.
I really hope it helps someone else.
On a MAC launch Console utility and scrolled down to ~/Library/Logs -> AndroidStudio ->idea.log.1 (or any old log number)
Then I searched for "keystore" and it should appear somewhere in the logs.
Original question: link
In fact, losing thekeystore password is not a problem.
You can create a new keystore and set a new password for it with the keytool command below. You don't need original keystore password for it:
keytool -importkeystore -srckeystore path/to/keystore/with/forgotten/pw \
-destkeystore path/to/my/new.keystore
When prompted, create password for your new.keystore and for source keystore password (which you lost) just hit Enter.
You will get warning about integrity not checked, and you will get your new.keystore identical to original with newly set password.
The reason this works is keystore password is only used to provide integrity of the keystore, it does not encrypt data with it, in contrast to private key password, which actually keeps your private key encrypted.
Please note, that you must know your private key password to sign your apps. Well, if it is same as forgotten keystore password then you can resort to bruteforce as in #Artur's answer.
This approach always worked for me.
I feel I need to make it an answer because this could not be just in comments.
Like #ElDoRado1239 says in his answer (dont forget to upvote his answer ;)
Looks for ..Project\.gradle\2.4\taskArtifacts\taskArtifacts.bin in my case was in ..Project\.gradle\2.2.1\taskArtifacts\taskArtifacts.bin because I use gradle 2.2.1
Then look for storePassword like #Moxet Khan says in comments...in my case was at line signingConfig.storePassword¬í t my.forgoten.password—signingConfig.keyAlias
Hope help somebody else!!!
Simplest way to get keystore password
project_folder\app\build\intermediates\signing_config\release\out\signing-config.json
Check out this file
search for StorePassword in signing-config.json
{"mName":"externalOverride","mStoreFile":"C:\\Users\\dAvInDeR\\Desktop\\KEYSTORE\\keystore.jks","mStorePassword":"1234##abcd","mKeyAlias":"uploadkey","mKeyPassword":"1234##abcd","mStoreType":"jks","mV1SigningEnabled":false,"mV2SigningEnabled":false}
Hope fully it will help you.
Update: Sep 2022
It won't work with the latest version
Fortunately, I found my lost password along with the keystore path and alias name from my Android studio logs.
if you are running linux / Unix based machines.
Navigate to Library Logs directory
cd ~/Library/Logs/
in there if you remember your android studio version which you used to build the last release APK. Navigate to that Directory
ex : cd AndroidStudio1.5/
In there you will find the log files. in any of the log files (idea.log)
you will find your keystore credentials
example
-Pandroid.injected.signing.store.file=/Users/myuserid/AndroidStudioProjects/keystore/keystore.jks,
-Pandroid.injected.signing.store.password=mystorepassword,
-Pandroid.injected.signing.key.alias=myandroidkey,
-Pandroid.injected.signing.key.password=mykeypassword,
I hope this helps for Android Studio users
It may be bit late but it will help someone for sure
You can search password if you remember something otherwise try searching like
signingConfig.storePassword
also if you forgot key alias you can find here that also
search something like signingConfig.keyAlias
Project.gradle\3.3\taskArtifacts\taskArtifacts.bin
Hope it will help someone
After spending almost a day in researching the possible options for recovering the lost keystore password in Android Studio. I found the following 4 possible ways to do it:
Use AndroidKeystoreBrute to retrieve your password. This method is quite useful when you partially forgot your password means you still have some hints of your password in your mind.
You can also retrieve it through Android Studio log files if you have previously released the app(for which you finding the keystore password) with the same machine. Refer to the following directory:
Mac OSX
~/Library/Logs/AndroidStudio/idea.log.1
Linux (Possible Location)
/home/user_name/AndroidStudio/system/log
Windows (Possible Location)
C:\Users\user_name\AndroidStudio\system\log
and search for Pandroid.injected.signing.key.password inside the file. You gonna see the password if you have previously signed the app with the same Android Studio version in which you are looking currently.
You can also retrieve the password through .gradle directory of your project. Look for the following path
project_directory/.gradle/2.4/taskArtifacts/taskArtifacts.bin.
Note: This doesn't seem to work for newer versions of Gradle (2.10 and above).
If none of the above solutions works then you can try this one but for this one also you must have Android Studio IDE app or It's preferences in which your project keystore password have been saved earlier (Using the Remember password option at the time of signing the app). You can get the IDE preferences from the following path:
Mac OSX
~/Library/Logs/AndroidStudio/idea.log.1
Linux (Possible Location)
/home/user_name/AndroidStudio
Windows (Possible Location)
c:\user\username\.AndroidStudio
Just use the older Android Studio IDE if you have or import the preferences of the old IDE into new IDE and also put the keystore file in the same path where it was previously when you had signed it and save the password last time.
In this way once you open the project and try the Build->Generate Signed APK and select the keystore file from the older location. It will automatically retrieve the password and continue to generate the signed APK for release.
Once the release APK generates successfully you can follow the option 2 mentioned earlier to check your password from you log file for the recently generated release APK.
For anyone else who may run across this, I wanted to share an answer that may be the case for you or for others browsing this article (like myself).
I am using Eclipse and created my keystore in it for my 1.0 release. Fast forward 3 months and I wanted to update it to 1.1. When I chose Export... in Eclipse and chose that keystore, none of my passwords that I could remember worked. Every time it said "Keystore tampered with or password incorrect." It got to a point where I was getting ready to run a brute force program on it for as long as I could stand (a week or so) to try to get it to work.
Luckily, I to sign my unsigned .apk file outside of Eclipse. Voila - it worked! My password had been correct the entire time! I'm not sure why, but signing it in Eclipse through the Export menu was reporting an error even when my password was correct.
So, if you're getting this error, here are my steps (taken from Android documentation) to help you get your apk ready for the market.
NOTE: To get unsigned apk from Eclipse: Right-click project > Android Tools > Export Unsigned Application
Sign unsigned apk file with keystore
a. open administrator cmd prompt and go to "c:\Program Files\Java\jdk1.6.0_25\bin" or whatever version of java you have (where you have copied the unsigned apk file and your keystore)
b. at cmd prompt with keystore file and unsigned apk in same directory, type this command: jarsigner -keystore mykeystorename.keystore -verbose unsigned.apk myaliasnamefromkeystore
c. it will say: "Enter Passphrase for keystore:". Enter it and press Return.
d. ===> Success looks like this:
adding: META-INF/MANIFEST.MF
...
signing: classes.dex
e. the unsigned version is overwritten in place, so your signed apk file is now at the same file name as the unsigned one
Use ZipAlign to compact the signed apk file for distribution in the market
a. open admin cmd prompt and go to "c:\AndroidSDK\tools" or wherever you installed the Android SDK
b. enter this command: zipalign -v 4 signed.apk signedaligned.apk
c. ===> Success looks like this:
Verifying alignment of signedaligned.apk (4)
50 META-INF/MANIFEST.MF (OK - compressed)
...
1047129 classes.dex (OK - compressed)
Verification succesful
d. the signed and aligned file is at signedaligned.apk (the filename you specified in the previous command)
========> READY TO SUBMIT TO MARKETPLACE
I'm surprised no one has mentioned this, but you can go to Google Play developer support, and they will work with you to create a new upload key:
https://support.google.com/googleplay/android-developer/contact/otherbugs
I filled an issue, and they contacted me within 1 day.
Update: After following their email instructions I was able to create a new upload key, and it was enabled a few days later! Problem solved.
First download AndroidKeystoreBrute_v1.05.jar and then follow the given image.
prepare one wordlistfile like(wordlist.txt), in that file give your hint like
Password Hint:
users
Users
Password
password
pa55word
Password
#
*
#
$
&
1
2
123
789
U will get your password.
Adding this as another possibility. The answer may be right under your nose -- in your app's build.gradle file if you happened to have specified a signing configuration at some point in the past:
signingConfigs {
config {
keyAlias 'My App'
keyPassword 'password'
storeFile file('/storefile/location')
storePassword 'anotherpassword'
}
}
Do you feel lucky?!
I had the same problem at once.
Even though with App signing by Google Play, loosing keystore or it's password is not a big deal like earlier, Still as a developer we rather prefer to change it's password and use a generated keystore file without waiting for few days to google to handle it.
( To handle this issue with google use this link to make a request)
To handle this issue by ourselves,
First download two .java files from this link.
Then compile the ChangePassword.java by javac ChangePassword.java command.
Then after you may run
java ChangePassword <oldKeystoreFileName.keystore> <newKeystoreFileName.keystore>
Change oldKeystoreFileName.keystore with the path/ name of your current keystore file, and newKeystoreFileName.keystore with path/name for the new generated new keystore file.
This will promot you to
Enter keystore password:
. Just enter whatever you prefer :) no need to be the original password that lost. Then Enter the new password with *
new keystore password:
Voila, that's it. This won't change the checksum of your keystore and won't make any issues in app signing or uploading to play.google events.
IF you're able to build your app from a PC, but you don't recall the password, here's what you can do to retrieve the password:
Method 1:
In your build.gradle, add println MYAPP_RELEASE_KEY_PASSWORD as below:
signingConfigs {
release {
if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
storeFile file(MYAPP_RELEASE_STORE_FILE)
storePassword MYAPP_RELEASE_STORE_PASSWORD
keyAlias MYAPP_RELEASE_KEY_ALIAS
keyPassword MYAPP_RELEASE_KEY_PASSWORD
println MYAPP_RELEASE_KEY_PASSWORD
}
}
}
After that, run cd android && ./gradlew assembleRelease
Method 2:
Run keytool -list -v -keystore your <.keystore file path> e.g. keytool -list -v -keystore ./app/my-app-key.keystore.
It will ask for you to Enter keystore password: Just press enter key here. and you will be able to find mapped to Alias name:
Then, run grep -rn "<your alias name>" . in your terminal and you will be able to see your signing.json file as below:
./app/build/intermediates/signing_config/release/out/signing-config.json
The file will have your password in json format with key "mKeyPassword":" < your password > "
SOLUTION 2018: Sign app with new keystore file if you missing password or jks file.
1) Create new keystore.jks file with comand line (not android studio build menu)
keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
Windows example:
"C:\Program Files\Android\Android Studio\jre\bin\keytool.exe" -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore "C:\keystore_new.jks"
2) Generate a .pem file from new keystore
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
Windows example:
"C:\Program Files\Android\Android Studio\jre\bin\keytool.exe" -export -rfc -alias upload -file "C:\upload_cert.pem" -keystore "C:\keystore_new.jks"
3) Use this support form, set "keystore problem" and with attachment add .pem file:
https://support.google.com/googleplay/android-developer/contact/otherbugs
4) 12-48h you new keystore is enabled. Update your app on playstore with new apk signed with new keystore :D
Open taskHistory.bin and search for storePassword
In Ionic I was able to find it here: /app/platforms/android/app/build/intermediates/signing_config/release/out/signing-config.json
Maybe this will help someone. cheers.
Just to simplify things here, this solution works in 2020 for gradle ver: 5.4.1
Open the file: project\.gradle\5.4.1\executionHistory.bin
Key Store password:
Search for "storePassword" text
For Key Password:
Search for "keyAlias" text
After search check for the password in the same line or the next line.
Android brute force will not work if your both the passwords are different so the best option might be like that try to find the file named as
log.idea
in your
C:/users/your named account
then you might found that in there in android folder open that file lpg.idea in notepad and then search for
alias
using find option in notepad you will find it that the password and alias and alias passwors has been shown there
I have found the password in
C:\Users\{Username}\.AndroidStudio2.2\system\log\idea.txt
Search for
Pandroid.injected.signing.store.password
Go to taskhistory.bin in .gradle folder of your project search password scroll down till you find the password
Today 2/2/2021, I can find my pw in the file name "executionHistory.bin".
Let you open it by notepad++ and search for key keyPassword. See the attached picture below.
https://i.stack.imgur.com/NNHFA.png
There is a way you can reset your password.
Go to this link, Describe your issue (Forgot KeyStore Password) and generate a token.
https://support.google.com/googleplay/android-developer/contact/otherbugs
If you are lucky then within 1 hour you will get a replay. (Generally, it takes up to 2 days).
You will need to generate a new key and upload_certificate.pem and send it to google to reset. Yow will be given instruction in the mail.
To generate upload_certificate.pem go to android studio terminal and type :
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
To summarise there are 3 answers to this question (and the solution is not given by the accepted answer):
If you have your logs intact, then you can find the password in the Android Studio log files as per Georgi Koemdzhiev's answer above.
You can retrieve the password from the 'taskArtifacts.bin' file in your .gradle directory as per ElDoRado1239's and Gueorgui Obregon's answers above. This doesn't seem to work for newer versions of Gradle (2.10 and above).
Use AndroidKeystoreBrute to guess or bruteforce your password as per Srinivas Keerthiprakasam's answer above.
All these 3 solutions are covered in-depth at this link.
C:\Users\admin\AndroidStudioProjects\TrumpetTVChannel2.gradle\2.14.1\taskArtifacts\taskArtifacts.bin
1st try to create new keystore....then open taskArtifacts.bin with notepad and look for password that you just given....you will able to figure out words near to password that you just given then search for these words near to your password in same file....you will able to figure out the password.....:)