I am just following the instruction by Google here, and I am failing in step 3:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
I get this message:
jarsigner: Certificate chain not found for: myApp. myApp must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
What am I doing wrong?
Btw, I'm not using Eclipse and Android Studio. The apk is already been built in release mode and the project were not done in Eclipse/Android Studio, so I figured I would have to use jarsigner.
You give wrong parameter at the alias_name parameter
the basic format of jarsigner is
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore
my-release-key.keystore my_application.apk alias_name
So you should change your alias_name with correct one :)
you can check it with
keytool -keystore yourkeystorename.keystore -list -v
If you use Android studio go to Build->Generate sign apk
if you use Eclipse right click on the project Android tools-> export signed apk
If you are on eclipse, go to your manifest and click
Use the export wizard to export and sign apk
Related
I've decoded an APK with apktool (as the original source code was lost) so I could fix some issues with the layout xml files. I've then rebuilt it back up with apktool and when I tried to install it on my device (using adb: adb install appname.apk) it gave me this error:
[INSTALL_PARSE_FAILED_NO_CERTIFICATES]
the original apk however was signed by a keystore (on eclipse IDE), this one isn't, how can I sign it properly with it's original keystone file outside Eclipse!?
create a key using
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
then sign the apk using :
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
check here for more info
Automated Process:
Use this tool (uses the new apksigner from Google):
https://github.com/patrickfav/uber-apk-signer
Disclaimer: Im the developer :)
Manual Process:
Step 1: Generate Keystore (only once)
You need to generate a keystore once and use it to sign your unsigned apk.
Use the keytool provided by the JDK found in %JAVA_HOME%/bin/
keytool -genkey -v -keystore my.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias app
Step 2 or 4: Zipalign
zipalign which is a tool provided by the Android SDK found in e.g. %ANDROID_HOME%/sdk/build-tools/24.0.2/ is a mandatory optimization step if you want to upload the apk to the Play Store.
zipalign -p 4 my.apk my-aligned.apk
Note: when using the old jarsigner you need to zipalign AFTER signing. When using the new apksigner method you do it BEFORE signing (confusing, I know). Invoking zipalign before apksigner works fine because apksigner preserves APK alignment and compression (unlike jarsigner).
You can verify the alignment with
zipalign -c 4 my-aligned.apk
Step 3: Sign & Verify
Using build-tools 24.0.2 and older
Use jarsigner which, like the keytool, comes with the JDK distribution found in %JAVA_HOME%/bin/ and use it like so:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my.keystore my-app.apk my_alias_name
and can be verified with
jarsigner -verify -verbose my_application.apk
Using build-tools 24.0.3 and newer
Android 7.0 introduces APK Signature Scheme v2, a new app-signing scheme that offers faster app install times and more protection against unauthorized alterations to APK files (See here and here for more details). Therefore, Google implemented their own apk signer called apksigner (duh!)
The script file can be found in %ANDROID_HOME%/sdk/build-tools/24.0.3/ (the .jar is in the /lib subfolder). Use it like this
apksigner sign --ks-key-alias alias_name --ks my.keystore my-app.apk
and can be verified with
apksigner verify my-app.apk
The official documentation can be found here.
fastest way is by signing with the debug keystore:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore ~/.android/debug.keystore app.apk androiddebugkey -storepass android
or on Windows:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore %USERPROFILE%/.android/debug.keystore test.apk androiddebugkey -storepass android
You use jarsigner to sign APK's. You don't have to sign with the original keystore, just generate a new one. Read up on the details: http://developer.android.com/guide/publishing/app-signing.html
For those of you who don't want to create a bat file to edit for every project, or dont want to remember all the commands associated with the keytools and jarsigner programs and just want to get it done in one process use this program:
http://lukealderton.com/projects/programs/android-apk-signer-aligner.aspx
I built it because I was fed up with the lengthy process of having to type all the file locations every time.
This program can save your configuration so the next time you start it, you just need to hit Generate an it will handle it for you. That's it.
No install required, it's completely portable and saves its configurations in a CSV in the same folder.
Updated answer
Check https://shatter-box.com/knowledgebase/android-apk-signing-tool-apk-signer/
Old answer
check apk-signer a nice way to sign your app
ERROR MESSAGE:
jarsigner: Certificate chain not found for: project_foo.<br/>
project_foo must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
QUESTION:
How do I include a public key certificate chain to address the error?
BACKGROUND:
The App Developer has completed an Android app and delivered an unsigned APK called Foo.apk. My objective is to sign and zipalign the APK in preparation for uploading it to the Google Play store. My keystore is located at C:\Path\.keystore on a Windows machine.
COMMAND LINE, my command:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore C:\Path\\.keystore Foo.apk project_foo
COMMAND LINE, response:
Enter Passphrase for keystore:
jarsigner: Certificate chain not found for: project_foo.<br/>
project_foo must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
ALSO TRIED:
Verified that I remember the correct password. Using 'keytool -list' from the command line shows me the expected list (it includes one private key).
PREVIOUS OS QUESTION: certificate chain not found asked using a .cer file from Verisign. I have no similar file available.
OTHER INFORMATION: Windows 7 machine, using standard Windows command prompt.
keytool -keystore formconnect.keystore -list -v
You can use this command to find out your alias name after you have generated your key.
First line of execution contains the Alias name: <value> If keytool is used then alias name might be "mykey".
Use that alias name while packaging the application.
i had the same issue
my commands were
to generate key
keytool -genkey -v -keystore testapp-key.keystore -alias testapp-key -keyalg RSA -keysize 2048 -validity 10000
and then i did this to sign the app
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore testapp-key.keystore testapp.apk testapp
i got this error
jarsigner: Certificate chain not found for: testapp.<br/>
project_foo must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
then i replaced the alias 'testapp' in the jarsignir command with the key alias that is 'testapp-key' it is in first command i.e. key generation command
the command will look like this
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore testapp-key.keystore testapp.apk testapp
in your case it will be like this
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore C:\Path\\.keystore Foo.apk your-key-alias
The Developer on our team proposed the solution that fixed the problem. Previously I had copied the Foo.apk into the directory with the jarsigner.exe and tried to run it there. He proposed:
Set the PATH environment variable so Windows can find the jarsigner executable.
Move the Foo.apk to the path where the keystore was located.
Run the command below (without using a path to find the keystore).
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore .keystore Foo.apk project_foo
It works! Removing the necessity to specify file path for the keystore fixed the problem.
add release unsigned.apk folder path
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore keystorename.keystore .....\platforms\android\build\outputs\apk\android-release-unsigned.apk aliasname
it's work for me !!
If you are trying to sign your .aab or .apk ,from Android Studio but keep getting this error even though you are doing everything right, here is the solution that worked for me:
Go to search and find Command Prompt. Run it as Administrator. Now Type this line.
"C:--->Your Path To jarsiner<---\jdk1.8.0_192\bin\jarsigner" -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore "C: **--->Your Path To the Keystore<---**\Desktop\OfficalBuilds\MyKey.keystore" "C:**--->Your Path To the .apk Or .aab<---**\Desktop\MyFinalBuild.aab" "My Alias "
If you tried the above solutions,you will notice now the alias is typed inside " ". Also sometime there is a space at the end "My Alias "
I just built an appp in phone gap build i'm trying to generate the keystore file,
Does anyone know how to open and sign an apk file in eclipse on a mac?
I'm thinking i'll have to run phonegap locally some how?
Cheers,
If you've built the APK outside of Eclipse, you can sign it on the command line using the Jarsigner tool, as described here in the Android developer documentation.
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore
my_application.apk alias_name
Where my-release-key.keystore is the path to your keystore, my_application.apk is the path to your APK, and alias_name is the name of the alias you gave the release signing key in your keystore.
Depending on whether you set up a password on your keystore and the signing key within it, you may need to add the flags -storepass mystorepass and -keypass mykeypass.
I have created my app on google play, when I got to sumbit the APK I get this error:
Upload failed
Your APK cannot be analyzed using 'aapt dump badging'. Error output:
Failed to run aapt dump badging:
ERROR: dump failed because no AndroidManifest.xml found
I clearly have a AndroidManifest.xml file in my project, I also have compressed my .apk to .zip too, I'm clueless to whats wrong.
There are few steps before going to upload .apk on Play store
1.Generate private key using
keytool -genkey -v -keystore my-release-key.keystore
-alias alias_name -keyalg RSA -keysize 2048 -validity 10000
2.Compile application in release mode: Right click on project then chose Android Tools then Export Unsigned Application Package give the location where you want to save the .apk. Here after successful saving, eclipse alert you about What next to do?
3.Now sign your application with private key generated in step first
jarsigner -verbose -sigalg MD5withRSA -digestalg SHA1 -keystore my-release-key.keystore
your_app_name.apk alias_name
in this step jarsigner may throw the error if your my-release-key.kestore and your_app_name.apk are not at same location.
4.align your package using zipalign tool
zipalign -v 4 your_project_name-unaligned.apk your_project_name.apk
very clearly explained at developer.android.com
Rahul is right, I am also struggling with all the landmines left behind by google, but I managed to complete step 3 thanks to his insight.
I must add that JDK7 users must change the encryption algorithms and key size with the jarsigner:
1)
jarsigner -verbose -sigalg MD5withRSA -digestalg SHA1 –keystore mykeystore myApp.apk mykey
2)
keytool -genkey -alias mykeystore -keyalg RSA -keysize 1024 -sigalg MD5withRSA -keystore mykey –validity 36500
I've decoded an APK with apktool (as the original source code was lost) so I could fix some issues with the layout xml files. I've then rebuilt it back up with apktool and when I tried to install it on my device (using adb: adb install appname.apk) it gave me this error:
[INSTALL_PARSE_FAILED_NO_CERTIFICATES]
the original apk however was signed by a keystore (on eclipse IDE), this one isn't, how can I sign it properly with it's original keystone file outside Eclipse!?
create a key using
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
then sign the apk using :
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
check here for more info
Automated Process:
Use this tool (uses the new apksigner from Google):
https://github.com/patrickfav/uber-apk-signer
Disclaimer: Im the developer :)
Manual Process:
Step 1: Generate Keystore (only once)
You need to generate a keystore once and use it to sign your unsigned apk.
Use the keytool provided by the JDK found in %JAVA_HOME%/bin/
keytool -genkey -v -keystore my.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias app
Step 2 or 4: Zipalign
zipalign which is a tool provided by the Android SDK found in e.g. %ANDROID_HOME%/sdk/build-tools/24.0.2/ is a mandatory optimization step if you want to upload the apk to the Play Store.
zipalign -p 4 my.apk my-aligned.apk
Note: when using the old jarsigner you need to zipalign AFTER signing. When using the new apksigner method you do it BEFORE signing (confusing, I know). Invoking zipalign before apksigner works fine because apksigner preserves APK alignment and compression (unlike jarsigner).
You can verify the alignment with
zipalign -c 4 my-aligned.apk
Step 3: Sign & Verify
Using build-tools 24.0.2 and older
Use jarsigner which, like the keytool, comes with the JDK distribution found in %JAVA_HOME%/bin/ and use it like so:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my.keystore my-app.apk my_alias_name
and can be verified with
jarsigner -verify -verbose my_application.apk
Using build-tools 24.0.3 and newer
Android 7.0 introduces APK Signature Scheme v2, a new app-signing scheme that offers faster app install times and more protection against unauthorized alterations to APK files (See here and here for more details). Therefore, Google implemented their own apk signer called apksigner (duh!)
The script file can be found in %ANDROID_HOME%/sdk/build-tools/24.0.3/ (the .jar is in the /lib subfolder). Use it like this
apksigner sign --ks-key-alias alias_name --ks my.keystore my-app.apk
and can be verified with
apksigner verify my-app.apk
The official documentation can be found here.
fastest way is by signing with the debug keystore:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore ~/.android/debug.keystore app.apk androiddebugkey -storepass android
or on Windows:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore %USERPROFILE%/.android/debug.keystore test.apk androiddebugkey -storepass android
You use jarsigner to sign APK's. You don't have to sign with the original keystore, just generate a new one. Read up on the details: http://developer.android.com/guide/publishing/app-signing.html
For those of you who don't want to create a bat file to edit for every project, or dont want to remember all the commands associated with the keytools and jarsigner programs and just want to get it done in one process use this program:
http://lukealderton.com/projects/programs/android-apk-signer-aligner.aspx
I built it because I was fed up with the lengthy process of having to type all the file locations every time.
This program can save your configuration so the next time you start it, you just need to hit Generate an it will handle it for you. That's it.
No install required, it's completely portable and saves its configurations in a CSV in the same folder.
Updated answer
Check https://shatter-box.com/knowledgebase/android-apk-signing-tool-apk-signer/
Old answer
check apk-signer a nice way to sign your app