I am getting following error while generating certificates on my local machine.
C:\Users\abc>keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password:
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
I think there is some problems in jdk version.I ran the same command on my collegues machine and it is working fine.
Please share your inputs.
I solved it by using the default password for cacerts keystore : 'changeit'
This answer will be helpful for new Mac User (Works for Linux, Window 7 64 bit too).
Empty Password worked in my mac . (paste the below line in terminal)
keytool -list -v -keystore ~/.android/debug.keystore
when it prompt for
Enter keystore password:
just press enter button (Dont type anything).It should work .
Please make sure its for default debug.keystore file , not for your project based keystore file (Password might change for this).
Works well for MacOS Sierra 10.10+ too.
I heard, it works for linux environment as well. i haven't tested that in linux yet.
From your description I assume you are on windows machine and your home is abc
So Now : Cause
When you run this command
keytool -genkey -alias tomcat -keyalg RSA
because you are not specifying an explicit keystore it will try to generate (and in your case as you are getting exception so to update) keystore C:\users\abc>.keystore and of course you need to provide old password for .keystore while I believe you are providing your version (a new one).
Solution
Either delete .keystore from C:\users\abc> location and try the command
or try following command which will create a new xyzkeystore:
keytool -genkey -keystore xyzkeystore -alias tomcat -keyalg RSA
Note: -genkey is old now rather use -genkeypair althought both work equally.
According to the documentation:
The default password for the debug keystore is android.
I have solve this issue by using default password "changeit".
Using changeit for the password is important too.
This command finally worked for me(with jetty):
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass changeit -validity 360 -keysize 2048
In tomcat 8.5 pay attention to write the correct name of attributes. This is my code on server.xml:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/keystore" certificateKeystorePassword="mypassword" type="RSA"/>
</SSLHostConfig>
</Connector>
You can visit https://tomcat.apache.org/tomcat-8.5-doc/config/http.html to see all attributes
If you are working on signing your Flutter App by following this guide Build and release an Android app and run in to this error. I hope this answer helps you.
In my case I changed the path to store my key.jks. This happened to me because I there was an existing file in that path.
keytool -genkey -v -keystore ~/key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias key
This command stores the key.jks file in your home directory. To store it elsewhere, change the argument you pass to the -keystore parameter.
In my case,
keytool -genkey -v -keystore /Users/Y/Desktop/X/key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias keyYour
i.e Y - Username and X - folder name
Then you will be prompted to Enter keystore password: and Re-enter new password:. Here you can use whatever password you want.
However, keep the keystore file private; don’t check it into public source control!
Empty password worked for me on my Mac
keytool -list -v -keystore ~/.android/debug.keystore
hit Enter then It's show you
Enter keystore password:
here just hit Enter for empty password
Works on Windows
open command prompt (press Windows Key + R then type "cmd" without quotations in the appearing dialogue box and then press Enter Key).
then type the code sniff below :
cd C:\Program Files\Java\jdk1.7.0_25\bin
then type following command
keytool -list -keystore "C:/Documents and Settings/Your Name/.android/debug.keystore"
Then it will ask for Keystore password now. The default password is
"android" type and enter or just hit enter "DONT TYPE ANY PASSWORD".
Summarizing the advices from this page, I finished up with the following:
keytool -genkeypair -keystore ~/.android/release.keystore -alias <my_alias> -storepass <my_cert_pass> -keyalg RSA
Then I got a set of questions regarding name, organization, location and password for my alias.
Check your home folder ~/.gradle/gradle.properties. Sometimes if you have gradle.properties in home directory it takes details from the there. Either you can change that or delete the files. Then it will take required details from your local folder.
I fixed this issue by deleting the output file and running the command again. It turns out it does NOT overwrite the previous file. I had this issue when renewing a let's encrypt cert with tomcat
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
I solved my problem when I changed keystore path C:\MyWorks\mykeystore to C:\MyWorks\mykeystore.keystore.
In my case I was needed to have root access.
[root#localhost Certificate]# openssl pkcs12 -export -in
/opt/Certificate/115c99f4c5aa98f5.crt -inkey /opt/Certificate/ravi.in.key -certfile
/opt/Certificate/gd_bundle-g2-g1.crt -out RaviNew.p12
Enter Export Password: <Password>
Verifying - Enter Export Password: <Password>
Note :- Above Export Pasworrd write down anywhere because it is must to create JKS file ( It is depend on your choice what password you want to make )
keytool -importkeystore -srckeystore DigiEduNew.p12 -srcstoretype pkcs12 -destkeystore finaldigiEdu.jks -deststoretype JKS
Importing keystore DigiEduNew.p12 to finaldigiEdu.jks...
Enter destination keystore password: <Any Password >
Re-enter new password: <Any Password >
Enter source keystore password: <.P12 Password >
Entry for alias 1 successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or
cancelled
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12
which is an industry standard format using "keytool -importkeystore -srckeystore
finaldigiEdu.jks -destkeystore finaldigiEdu.jks -deststoretype pkcs12".
For me I solved it by changing passwords from Arabic letter to English letter, but first I went to the folder and deleted the generated key then it works.
In my case with Xamarin Forms 4.7 and Visual Studio 2019 16.7.0 Preview 3.1, the problem was version mismatch of lately updated Android Build tools (apksigner) and JDK. Updated JDK to latest and pointed the new JDK path on Tools->Options->Xamarin->Android Settings, and it works.
Just upgraded to Android Studio 4.2 from 4.0. Apparently, Android Studio silently CHANGED my keystore password, which has been sitting there unchanged and working perfectly without incident for well over a year.
Just had to re-renter both passwords.
Sigh
If you already have a .store file, you have to use the same password as you did to generate it. So in my case the solution was:
rm *.store
rm *.cer
That may sound odd to you but I'm just trying to learn about keytool and am source controlling my tutorial files and rerunning them later!
you have two options:
cmd doesn't show the password on the screen while typing
so just type the correct passwd -and be careful- then press enter.
Or
just use:
keytool -list -keystore 'keystoreName' -storepass 'type your keystore passwd'
and for Keys' full info, add -v:
keytool -v -list -keystore 'keystoreName' -storepass 'type your keystore passwd'
This answer is helpful for those who manage multiple keystores across different projects.
I had the same error and I noticed I was using a file keystore.jks with the password of another keystore.jks which throws this exception since the password doesn't match.
With openjdk I had the same problem.
After I updated openjdk to "11.0.17" the problem was gone.
i am trying to create google login app in which i need Android Signing Certificate SHA-1.
At the starting there is .android folder in which contain two other files
but those are not debug.keystore so i read somewhere on stackoverflow they
said delete .android folder its will automatically created when rebuild the
project so i did it but it not created any .android folder or debug.keystore
i tried various command its giving only error given below
C:\Program Files\Java\jdk1.8.0_65\bin>keytool -list -v -keystore
"C:\Users\kulde\.android\debug.keystore" -alias androiddebugkey -storepass
android -keypass android
keytool error: java.lang.Exception: Keystore file does not exist:
C:\Users\kulde\.android\debug.keystore
java.lang.Exception: Keystore file does not exist:
C:\Users\kulde\.android\debug.keystore
at sun.security.tools.keytool.Main.doCommands(Main.java:742)
at sun.security.tools.keytool.Main.run(Main.java:340)
at sun.security.tools.keytool.Main.main(Main.java:333)
Instead of using debug.keystore which is less secure use your own created keyStore. Follow this to do the same
After you created your keystore, run the following command in terminal of Android studio.
keytool -list -v -keystore "path where .jks file is stored"
After this terminal will ask for password which you have created in above step.
Finally you will get your SHA-1 certificate.
Make sure you store your keystore safely. It will be used in future when you upload your App.
There is no debug.keystore in .android folder
The debug.keystore is created automatically on first build that uses it.
or
According to the documentation, performing a build in Eclipse or using ant debug should automatically generate ~/.android/debug.keystore.
But in case this doesn't work, you can create one manually by running:
keytool -genkey -v -keystore ~/.android/debug.keystore -storepass android -alias androiddebugkey -keypass android -dname "CN=Android Debug,O=Android,C=US"
(Mac)
I created a keystore with alias and password with the same name (projectOne) and when I try to get the SHA1 from that created keystore and put it on my created google console maps I have trouble getting the SHA1 out.
I type this in the terminal but it does not let me access the keystore.
keytool -list -v -keystore ~/.android/ projectOne.keystore -alias projectOne
It says this (roughly translated):
Invalid option/Unauthorized: projectOne.keystore
Now I use the SHA for debug:
keytool -list -v -keystore ~/.local/share/Xamarin/Mono\ for\ Android/debug.keystore -alias androiddebugkey -storepass android -keypass android
And this does not work when I try to "release" it. So I assume I have to get the SHA1 from my own created keystore but as I mentioned above. It says it is an invalid option/Unauthorized option.
Based from this documentation you need to first find the .keystore file that your .apk was signed with. The keystore used will depend on if your app's .apk package was created as a debug build, or if it was packaged with a different .keystore file.
For builds that you have signed with your projectOne.keystore file, you need to substitute your own values for the .keystore file, keystore password, and alias name from when you created the keystore file.
You can follow these tutorial and forum which suggested to verify that the alias or password you use is correct.
I am running calabash-android in a docker file and when I run the calabash test I got the error
/usr/local/bundle/gems/calabash-android-0.7.2/lib/calabash-android/java_keystore.rb:6:in `initialize': No such keystore file '/home/core/Android/debug.keystore' (RuntimeError)
I have tried this this and not working for me.
Edit
After setting up the path the error is like
/lib/calabash-android/java_keystore.rb:32:in `initialize': Could not list certificates in keystore. Probably because the password was incorrect. (RuntimeError)
It can be fixed by navigating to the /.android directory and remove the debug.keystore file if exist one and go try the command
keytool -genkey -v -keystore debug.keystore -alias androiddebugkey -storepass android -keypass android -keyalg RSA -keysize 2048 -validity 10000
And following that navigate to the directory where the feature files exist and setup the calabash android by using the command
calabash-android setup
The resign the new debug.keystore file using the command
calabash-android resign <apk path>
And finally we can run the test by using the command
calabash-android run <apk path>
There's an interesting thing to note. If your keystore password has $, then you need to escape it in .calabash_settings file.
Look at the content of this file:
{"keystore_location":"my-release-keystore.jks","keystore_password":"abc$123","keystore_alias":"MyAlias"}
If you leave "abc$123" like this, you should get an error. Then you should escape the password like the following example:
{"keystore_location":"my-release-keystore.jks","keystore_password":"abc\\$123","keystore_alias":"MyAlias"}
Take a look at \\ for escaping special characters.
I'm trying to generate the MD5 fingerprint from the debug.keystore file using keytool.exe in my JDK so I can use Google Maps in my Android project.
I've located the keystore file and have moved it into C:\android just to make things easier.
Then in a command prompt I type
c:\Program Files\Java\jdk1.5.0_13\bin>keytool -list -alias androiddebugkey -keystore "C:\android\debug.keystore" -storepass android -keypass android
And I keep getting the error:
keytool error: java.lang.Exception: Keystore file does not exist: C:\android\debug.keystore
I've also tried entering the keystore in from its original location rather than moving to c:\android but I still get the same error.
Does anyone have any idea why this is happening?
Also, is there any other way to get this MD5 fingerprint? Some program maybe?
to generate debug.keystore file
in Eclipse/ADT, go to Windows > Preferences > Android > Build
once it is generated use ur command(c:\Program Files\Java\jdk1.5.0_13\bin>keytool -list -alias androiddebugkey -keystore "C:\android\debug.keystore" -storepass android -keypass android) to generate MD5.
this is used to generate api key for google map.
You should execute the keytools from c:\Program Files (x86)\java\jre6\bin>
And here execute the keytool command without "\"
keytool -list -alias androiddebugkey -keystore C:\Users\<you_user_name>\.android\debug.keystore -storepass android -keypass android
It will work!
You might try adding c:\Program Files\Java\jdk1.5.0_13\bin to your PATH, then running the keytool command from the C:\android directory. That's what I do (more or less -- I have JDK6 and a different directory), and it works fine.
There are times when your .android folder is present in the C:\Documents and Settings path. Often, because of the spaces in Documents and Settings, the command will not run properly.
It's better if you just create a test folder under C: and put your debug.keystore file in this folder. Then give the path as:
keytool -list -alias androiddebugkey -keystore "C:\test\debug.keystore" -storepass android -keypass android
This works. If somebody is facing issues and getting an error on this command, you can try your luck with this.
I had the same message and when checking the C:\user.android directory could see that the debug.keystore file was not present. As this was the first time I'd tried an android project on this machine, there had been no previous builds. I created and ran the ubiquitous 'Hello World' project and debug.keystore was instantly created. I then ran keytool and the MD5 appeared fine
To generate the debug.keystore, you have to run any app at least one time. Just create and run any simple "Hello World" android app to generate it.
Create Hello World android App
Run Hello World android app
keytool error: java.lang.Exception: Keystore file does not exist: C:\android\debug.keystore
Tells me that file isn't there like you think it is.
Also, if you are using the Eclipse Android tools, you can export a signed APK file via Eclipse, which might be easier for you than using the command line tools.
First i wentto the bin directory and then
get where your debug.key is ..mainly at the .android and it worked like a charm
where androiddebugkey is the name you give
C:\Program Files\Java\jdk1.8.0_66\bin>keytool -exportcert -list -v -alias androiddebugkey -keystore C:\Users\001557\.android\debug.keystore