I'm trying to create a public/private key pair using the keytool function so I can submit an Android app to Google Play. When I try to sign the app using the key I made, I get this error from jarsigner
jarsigner: Certificate chain not found for: SHA1withDSA.
SHA1withDSA must reference a valid KeyStore
key entry containing a private key and corresponding public key certificate chain.
Same thing when I try using RSA. When I look at the keys for the keystore, all I see if the
Entry type: PrivateKeyEntry
Not the public and private keys.
The command I used to create they key was
keytool -genkey -keystore nameofkeystore.keystore
-alias coffitivity -keypass *passwordommitted* -storepass *thepasswordommitted*
I'm not actually 100% sure what I did to fix it, but this is what I did and now it works
keytool -genkeypair -v -keystore my-release-key.keystore
-alias coffdroid -keyalg RSA -keysize 2048 -validity 10000
Note: difference is I used "-genkeypair" instead of "genkey" even though they're supposed to be the same
Second: made a new unsigned .apk. This is likely what fixed it - so if you're hitting the wall, do that over.
Then Jarsigner
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1
-keystore my-release-key.keystore /Users/tommynicholas/Desktop/*apkname*.apk coffdroid
Related
Here my problem is:
- Last week I had generated the signed apk and upload to playstore.
- I had implemented firebase auth in that apk but using debug key(debug md5).
Now I want to generate released key hash(release md5) for this app, but due to my key alias name with space like(my name) instead of (my_name)cause a problem like [Illegal option: name ] and below.
And now I knew that if I make alias name without space like (my_name), the release md5 hash key will be generated easily.
keytool -exportcert -list -v -alias my name -keystore /home/bpn/Music/keystore.jks
Illegal option: name
keytool -list [OPTION]...
Lists entries in a keystore
Options:
-rfc output in RFC style
-alias alias name of the entry to process
-keystore keystore name
-storepass keystore password
-storetype keystore type
-providername provider name
-providerclass provider class name
-providerarg provider argument
-providerpath provider classpath
-v verbose output
-protected password through protected mechanism
Use "keytool -help" for all available commands
Put the name of the key alias in quotes, like this:
keytool -exportcert -list -v -alias "my name" -keystore
/Path/to/keystore.jks
I made the experience that a space in the alias causes more troubles than it's worth. You can use the following command to change the alias if you like to. After you change the alias it's still possible to update your app in the Google Play Store.
keytool -changealias -alias "ALIAS OLD" -destalias "ALIASNEW"
-keypass PASSWORD -keystore /Path/to/keystore.jks -storepass PASSWORD
Use double quotation for alias below is example.
jarsigner -verb
ose -sigalg SHA1withRSA -digestalg SHA1 -keystore keystore.jks unsignedapp.apk "alias name"
I have been trying to get my key hash for my release to work for hours now, and I must be doing something wrong because I have searched and tried so many different things,
Now lets say my alias is john_doe_key, and my keysotre is located at /Users/loaner/Downloads/UEat/app/app-release.apk
I would have my command in my terminal look like this correct?
keytool -exportcert -alias john_doe_key -keystore ~/Users/loaner/Downloads/UEat/app/app-release.apk | openssl sha1 -binary | openssl base64
or is that not right?
I have tried this and logging the key like face books says in the guide.
Thanks for the help in advance
From reading your comment and seeing what you have so far, you're trying to get the key hash for Facebook, right?
First, make sure that you have signed your apk (which is your app). You can sign your apk in Android Studio by Build -> "Generate Signed APK...". When you sign your apk, you create your keystore and an alias for that keystore. I think your are confusing "keystore" with the "apk".
Also, you have to include your alias and keystore passwords in your command.
It should look like this:
keytool -exportcert -keystore keystore_file -alias alias_name -storepass keystorepassword -keypass aliaspassword | openssl sha1 -binary | openssl base64
Also, make sure that you are creating a "Release Build", which can be selected from the Build Variants menu.
Generate a key store
$ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
Sign an apk.
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
I am from brazil and im trying to generate a keystore and after going to the bin of my jre7/bin in here its "C:\Program Files\Java\jdk1.7.0_51\bin" i try to run this code:
keytool -genkey -v -keystore my-release-key.keystore
-alias alias_name -keyalg RSA -keysize 2048 -validity 10000
But it is asking me for a password after that and i cant type anything like, i pressed all the keyboard keys and nothing was writen all i can do is press enter and the key is not generated... Has anyone ever went through this? In portuguese he asks me for: "Informe a senha da área de armazenamento de chaves:"
You have to type password, which will be used to encrypt the key store and then confirm it.
Passwords are not shadowed to the console, so it looks empty for you.
You may specify password in the command line itself with storepass and keypass parametrs
keytool -genkey -v -keystore my-release-key.keystore \
-storepass mypassword123 -keypass mypassword123 \
-alias alias_name -keyalg RSA -keysize 2048 -validity 10000
storepass is the password to encrypt the whole key store, and keypass is used to encrypt the key entry. Their values do not have to be the same.
if in debug mode use android
I hope it helped you
I have made an Android Live wallpaper application using a software and the app is running perfectly on my device so I thought about uploading it to Playstore.When I uploaded my app it game me following error :
**
"You uploaded an APK signed with a certificate that expires too soon.
You need to sign your APK with a certificate that expires farther into the future."
Now how I can sign my certificate again ?
Please I need detailed tutorial !
you have to create a new signing key that will expire in 25 years or so and sign your application toth that key
to generate map key:=
go to C:\users....android.
keytool -list -alias androiddebugkey -keystore C:\users....android\debug.keystore
-storepass android -keypass android
MD5 finger print:
79:9F:B9:2B:F0:51:C8:48:2E:39:5B:72:AB:42:24:91
map key:
0lujtKtuh8x_MfEUSN5OpCj6HVCxX9lvBDgCT2w
to generate certificate:=
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA
-keysize 2048 -validity 10000
password1- ...,123
password2- ....,1234
previous map key generated : 0Vd9Hpw3AaaLfuaYgC8btoNu8OkuZe4bPXD9oPg
You need to:
Create a release.keystore (it not already done):keytool -genkey -v -keystore release.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
Remove the old signature:zip -d foo.apk META-INF/\*
Sign with the new key:jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore release.keystore my_application.apk alias_name
Verify the signature:
jarsigner -verify -verbose -certs my_application.apk
Is it necessary to create both (private and public keys) via keytool utility? Is the private key created by "-protected" added when exporting keystore by keytool? If I have now private and public keys, how to make initial signing process and verification of some, e.g. external XML document?
Thanks
You are following the android keytool tutorial, it shouldn't create multiple keys it should create a single .keystore file.
keytool -genkey -v -keystore my-release-key.keystore
-alias alias_name -keyalg RSA -keysize 2048 -validity 10000
you shouldn't be getting a private&pub key