http://developer.android.com/tools/publishing/app-signing.html
I have a keystore that I already have an alias and password for.
I have released applications using this keystore.
I have now given ownership of one of these applications to someone else, and so to update that application they need to use my keystore. However I don't want them to use my alias or password.
Is it possible to create a new alias and password for the same keystore
and just as importantly
will Google Play allow an APK signed with the new alias to be used as an update for that already published app?
If so what is the command, or a good help link please?
Your key store contains your key. Just put your key in a new keystore. And give them that one. Or.. I suppose just give them the key.
Ok I got it, thanks #Rossco for the initial boost.
First I copied my keystore to a new file
ctrl+c ctrl+v
Then I changed the password on the keystore:
keytool -storepasswd -keystore my.keystore
Then I changed the name of the alias in the keystore
keytool -changealias -keystore my.keystore -alias "old_alias" -destalias "new_alias"
Then I changed the password for the new alias:
keytool -keypasswd -keystore my.keystore -alias new_alias -keypass oldAliasPassword -new newAliasPassword
And yes I've just tested it and uploaded a new version of the app with the new keystore alias
Thanks!
References:
Keystore change passwords
Can I change the alias of my key?
http://docs.oracle.com/javase/1.4.2/docs/tooldocs/windows/keytool.html
Related
(Mac)
I created a keystore with alias and password with the same name (projectOne) and when I try to get the SHA1 from that created keystore and put it on my created google console maps I have trouble getting the SHA1 out.
I type this in the terminal but it does not let me access the keystore.
keytool -list -v -keystore ~/.android/ projectOne.keystore -alias projectOne
It says this (roughly translated):
Invalid option/Unauthorized: projectOne.keystore
Now I use the SHA for debug:
keytool -list -v -keystore ~/.local/share/Xamarin/Mono\ for\ Android/debug.keystore -alias androiddebugkey -storepass android -keypass android
And this does not work when I try to "release" it. So I assume I have to get the SHA1 from my own created keystore but as I mentioned above. It says it is an invalid option/Unauthorized option.
Based from this documentation you need to first find the .keystore file that your .apk was signed with. The keystore used will depend on if your app's .apk package was created as a debug build, or if it was packaged with a different .keystore file.
For builds that you have signed with your projectOne.keystore file, you need to substitute your own values for the .keystore file, keystore password, and alias name from when you created the keystore file.
You can follow these tutorial and forum which suggested to verify that the alias or password you use is correct.
I am trying to push an update to my app, but when I am trying to build the APK, I get
Failed to read key from store: Keystore was tampered with, or password was incorrect
I am certain that the Key Alias and password are correct. Is there a way to fix this without having to generate a whole new keystore? From my understanding, if I generate a new keystore I can't push updates to the app that is already in the playstore
If this is an issue of forgetting the alias you used for your keystore, you can list the aliases for your keystore using the following command:
keytool -v -list -keystore .keystore
To enable another developer to sign an APK with one of my private-keys, should I give out the original KeyStore file, or would giving him only this specific key's password be enough?
Please note that my question intentionally disregards the "security" aspects of giving out a private signing key. This is not part of the question.
Thanks much.
You need to provide the other developer with the following:
The Keystore file
The password to the keystore
The name of the alias used to sign the app
The password to that alias.
If you wish, you can export the certificate for a single alias to a different keystore using the following commands:
keytool -export -alias myAlias -file mycert.cer -keystore existingKeystore.jks
keytool -importcert -file mycert.cer -keystore newKeystore.jks -alias myAlias
This is useful if you have multiple certificates in a single keystore and you only want to export a single certificate.
I'm trying to generate the MD5 Fingerprint I will use with the release of my application. I used Eclipse to Compile and Sign my application, which gave me a keystore file and a .apk file. Now i need to generate the MD5 for my MapViews. I tried using the cmd prompt to generate it, but everytime it states that no such file exists. Is there somewhere special i need to be storing the keystore so the keytool has access to it? Also, once i get the MD5 fingerprint, all i have to do is insert it and re-compile and sign my application (the same way i previously did it). Am i correct on that assumption? I've read through the developer docs and I'm still unclear on the whole process. Any help would be awesome.
You have a default debug keystore automatically. For release, you need to generate your own private keystore first with something like:
keytool -genkey -v -keystore my-release-key.keystore -alias release_alias -keyalg RSA -keysize 2048 -validity 10000
Once you've chosen and entered all the passwords (make a note of them!) you've generated a new MD5 (different from the debug one)
To view it:
keytool -list -alias release_alias -keystore c:\YOUR PATH TO IT\my-release-key.keystore
gives:
release_alias, 08-Sep-2010, PrivateKeyEntry,
Certificate fingerprint (MD5): CE:xx:xx:xx etc....
If you use Google maps then you need a new API key for this. Repeat the process you did to generate the one for the debug MD5 but enter the new MD5
Hope this helps.
straight from http://code.google.com/android/add-ons/google-apis/mapkey.html it says:
To register for a Maps API Key, you need to provide an MD5 fingerprint of the certificate that you will use to sign your application. Before you visit the registration page, use Keytool to generate the fingerprint of the appropriate certificate.
First, determine which key you will use to sign your application at release and make sure of the path to the keystore that contains it.
Next, run Keytool with the -list option, against the target keystore and key alias. The table below lists the options you should use.
I dont understand the directions to do this. I tried on the terminal using:
keytool -genkey -v -keystore microjobs.keystore -alias mjkey -keyalg RSA
and entered name, and city state then:
keytool -list
but it returns:
keytool error: java.lang.Exception: Keystore file exists, but is empty:
What should i do?
Thanks.
Might be an access problem to the folder ?
Also, later in the page you reference in your question, if you look here, Eclipse can help you generate and locate your API key.
Navigate to the folder containing the keystore file, and then run
keytool -list -alias your_alias -keystore your_file_name
where your_file_name is just the file name, without path.