To enable another developer to sign an APK with one of my private-keys, should I give out the original KeyStore file, or would giving him only this specific key's password be enough?
Please note that my question intentionally disregards the "security" aspects of giving out a private signing key. This is not part of the question.
Thanks much.
You need to provide the other developer with the following:
The Keystore file
The password to the keystore
The name of the alias used to sign the app
The password to that alias.
If you wish, you can export the certificate for a single alias to a different keystore using the following commands:
keytool -export -alias myAlias -file mycert.cer -keystore existingKeystore.jks
keytool -importcert -file mycert.cer -keystore newKeystore.jks -alias myAlias
This is useful if you have multiple certificates in a single keystore and you only want to export a single certificate.
Related
(Mac)
I created a keystore with alias and password with the same name (projectOne) and when I try to get the SHA1 from that created keystore and put it on my created google console maps I have trouble getting the SHA1 out.
I type this in the terminal but it does not let me access the keystore.
keytool -list -v -keystore ~/.android/ projectOne.keystore -alias projectOne
It says this (roughly translated):
Invalid option/Unauthorized: projectOne.keystore
Now I use the SHA for debug:
keytool -list -v -keystore ~/.local/share/Xamarin/Mono\ for\ Android/debug.keystore -alias androiddebugkey -storepass android -keypass android
And this does not work when I try to "release" it. So I assume I have to get the SHA1 from my own created keystore but as I mentioned above. It says it is an invalid option/Unauthorized option.
Based from this documentation you need to first find the .keystore file that your .apk was signed with. The keystore used will depend on if your app's .apk package was created as a debug build, or if it was packaged with a different .keystore file.
For builds that you have signed with your projectOne.keystore file, you need to substitute your own values for the .keystore file, keystore password, and alias name from when you created the keystore file.
You can follow these tutorial and forum which suggested to verify that the alias or password you use is correct.
I am quite new to android, this question maybe quite simple. But i do need your help. I am preparing to submit a update to google play now. When i export the android application, there is a keystore selection dialog. But i don't have the keystore. The project was developed by another company before. Now we only have the source code and the google play developer account. After reading the Signing Your Applications, i know i need to generate one. But there is still something i am not sure about this.
The keystore generate command as below:
$ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
This is a self-signed certificate. Is this sufficient for me to submit the update? Or need me to generate another one ? if so, then how to do that?
Any suggestion would be much appreciated.
For creating your own Keystore go to C:\Program Files\Java\jdk1.6.0\bin and execute below command
C:\Program Files\Java\jdk1.6.0\bin>keytool -genkey -v -keystore app.keystore -alias app -keyalg RSA -keysize 2048 -validity 300000
It'll created your app.keystore in C:\Program Files\Java\jdk1.6.0\bin directory and by using this keystore you can sign you application. You must keep this keystore safe because of your app next update.
Update: command for generate SHA-1 from your app.keystore
D:>keytool -v -list -alias app -keystore "D:app.keystore" -storepass app -keypass app
Right click to the project --> select Android tools -->Export signed Application package
this bring you to window "Export Android Application"
Complete the rest. this will give you signed apk as well as keystore
You can take help from this link too :https://www.youtube.com/watch?v=IYhJp-jqJyM
You'll need the original keystore, otherwise you won't be able to update the application on the Play Store. Ask the previous developer to give the one he used to sign the application, then save it in the safest place you can think of.
http://developer.android.com/tools/publishing/app-signing.html
I have a keystore that I already have an alias and password for.
I have released applications using this keystore.
I have now given ownership of one of these applications to someone else, and so to update that application they need to use my keystore. However I don't want them to use my alias or password.
Is it possible to create a new alias and password for the same keystore
and just as importantly
will Google Play allow an APK signed with the new alias to be used as an update for that already published app?
If so what is the command, or a good help link please?
Your key store contains your key. Just put your key in a new keystore. And give them that one. Or.. I suppose just give them the key.
Ok I got it, thanks #Rossco for the initial boost.
First I copied my keystore to a new file
ctrl+c ctrl+v
Then I changed the password on the keystore:
keytool -storepasswd -keystore my.keystore
Then I changed the name of the alias in the keystore
keytool -changealias -keystore my.keystore -alias "old_alias" -destalias "new_alias"
Then I changed the password for the new alias:
keytool -keypasswd -keystore my.keystore -alias new_alias -keypass oldAliasPassword -new newAliasPassword
And yes I've just tested it and uploaded a new version of the app with the new keystore alias
Thanks!
References:
Keystore change passwords
Can I change the alias of my key?
http://docs.oracle.com/javase/1.4.2/docs/tooldocs/windows/keytool.html
I'm trying to generate the MD5 Fingerprint I will use with the release of my application. I used Eclipse to Compile and Sign my application, which gave me a keystore file and a .apk file. Now i need to generate the MD5 for my MapViews. I tried using the cmd prompt to generate it, but everytime it states that no such file exists. Is there somewhere special i need to be storing the keystore so the keytool has access to it? Also, once i get the MD5 fingerprint, all i have to do is insert it and re-compile and sign my application (the same way i previously did it). Am i correct on that assumption? I've read through the developer docs and I'm still unclear on the whole process. Any help would be awesome.
You have a default debug keystore automatically. For release, you need to generate your own private keystore first with something like:
keytool -genkey -v -keystore my-release-key.keystore -alias release_alias -keyalg RSA -keysize 2048 -validity 10000
Once you've chosen and entered all the passwords (make a note of them!) you've generated a new MD5 (different from the debug one)
To view it:
keytool -list -alias release_alias -keystore c:\YOUR PATH TO IT\my-release-key.keystore
gives:
release_alias, 08-Sep-2010, PrivateKeyEntry,
Certificate fingerprint (MD5): CE:xx:xx:xx etc....
If you use Google maps then you need a new API key for this. Repeat the process you did to generate the one for the debug MD5 but enter the new MD5
Hope this helps.
straight from http://code.google.com/android/add-ons/google-apis/mapkey.html it says:
To register for a Maps API Key, you need to provide an MD5 fingerprint of the certificate that you will use to sign your application. Before you visit the registration page, use Keytool to generate the fingerprint of the appropriate certificate.
First, determine which key you will use to sign your application at release and make sure of the path to the keystore that contains it.
Next, run Keytool with the -list option, against the target keystore and key alias. The table below lists the options you should use.
I dont understand the directions to do this. I tried on the terminal using:
keytool -genkey -v -keystore microjobs.keystore -alias mjkey -keyalg RSA
and entered name, and city state then:
keytool -list
but it returns:
keytool error: java.lang.Exception: Keystore file exists, but is empty:
What should i do?
Thanks.
Might be an access problem to the folder ?
Also, later in the page you reference in your question, if you look here, Eclipse can help you generate and locate your API key.
Navigate to the folder containing the keystore file, and then run
keytool -list -alias your_alias -keystore your_file_name
where your_file_name is just the file name, without path.