I have forgotten my Keystore password and I don't really know what to do anymore (I can't or won't give any excuses for it). I want to update my app because I just fixed a bug but it's not possible anymore. What happens if I use the same Keystore but create a new key? Would I still be able to update the app and if it's not possible, how can I go about giving information to users about the updated version?
If anybody has had a problem like this or has come across troubles, what advice can you give to help remedy the situation? Fortunately, it is a free app.
Just encountered this problem myself - luckily I was able to find the password in some Gradle's temporary file. Just in case anyone lands here:
try looking for this file
..Project\.gradle\2.4\taskArtifacts\taskArtifacts.bin
or
.gradle/3.5/taskHistory/taskHistory.bin
.gradle/5.1.1/executionHistory/executionHistory.bin
.gradle/caches/5.1.1/executionHistory/executionHistory.bin
.gradle/5.1.1/executionHistory/executionHistory.bin
.gradle/3.5/taskHistory/taskHistory.bin
.gradle/2.10/taskArtifacts/taskArtifacts.bin
and search for
storePassword
It was there in cleartext. In general, if you do remember at least a part of your password, try searching for a file containing this substring and hopefully you will fish out something.
Wanted to throw it out here, maybe it will eventually help someone.
Edit: Added new insight from comments, just to be more visible.
Edit 2: Added some more locations reported in comments.
Thanks to Vivek Bansal, Amar Ilindra and Uzbekjon for these.
See this link
It's unfortunate, but when you lose your keystore, or the password to your keystore, your application is orphaned. The only thing you can do is resubmit your app to the market under a new key.
ALWAYS backup up your keystore and write the passwords down in a safe location.
Brute is your best bet!
Here is a script that helped me out:
https://code.google.com/p/android-keystore-password-recover/wiki/HowTo
You can optionally give it a list of words the password might include for a very fast recover (for me it worked in <1 sec)
In case a wrong password is provided, even just once, it keeps saying on next attempts:
Keystore tampered with or password incorrect.
Even when you provide the correct one. I tried it several times, maybe it's some kind of protection.
Close the export wizard and start it again with the correct password, now it works :)
Finally i found the solution after spending two days...
Follow these steps:
Go to project
In .gradle find your gradle version folder in my case it was 4.1 (Refer pic)
expand the 4.1 folder and then in taskHistory folder you will find taskHistory.bin file.
Open taskHistory.bin file in android studio itself.
Search for ".storePassword" .. That's it you got your keystore password.
This really worked to me.
Try this and happy coding!!!
SOLUTION 2019 (Windows, Android Studio 3.3, gradle 4.10):
This solution only works if "Remember password" checkbox was previously marked.
First of all taskArtifacts.bin don't exist for this version of gradle and idea.log shows asterisks for passwords. This was old days solutions that doesn't worked to me.
Where I found the clear text passwords: C:\Users\{username}\AndroidStudioProjects\{project}\app\build\intermediates\signing_config\release\out\signing-config.json
Keys: mStorePassword and mKeyPassword.
I really hope it helps someone else.
On a MAC launch Console utility and scrolled down to ~/Library/Logs -> AndroidStudio ->idea.log.1 (or any old log number)
Then I searched for "keystore" and it should appear somewhere in the logs.
Original question: link
In fact, losing thekeystore password is not a problem.
You can create a new keystore and set a new password for it with the keytool command below. You don't need original keystore password for it:
keytool -importkeystore -srckeystore path/to/keystore/with/forgotten/pw \
-destkeystore path/to/my/new.keystore
When prompted, create password for your new.keystore and for source keystore password (which you lost) just hit Enter.
You will get warning about integrity not checked, and you will get your new.keystore identical to original with newly set password.
The reason this works is keystore password is only used to provide integrity of the keystore, it does not encrypt data with it, in contrast to private key password, which actually keeps your private key encrypted.
Please note, that you must know your private key password to sign your apps. Well, if it is same as forgotten keystore password then you can resort to bruteforce as in #Artur's answer.
This approach always worked for me.
I feel I need to make it an answer because this could not be just in comments.
Like #ElDoRado1239 says in his answer (dont forget to upvote his answer ;)
Looks for ..Project\.gradle\2.4\taskArtifacts\taskArtifacts.bin in my case was in ..Project\.gradle\2.2.1\taskArtifacts\taskArtifacts.bin because I use gradle 2.2.1
Then look for storePassword like #Moxet Khan says in comments...in my case was at line signingConfig.storePassword¬í t my.forgoten.password—signingConfig.keyAlias
Hope help somebody else!!!
Simplest way to get keystore password
project_folder\app\build\intermediates\signing_config\release\out\signing-config.json
Check out this file
search for StorePassword in signing-config.json
{"mName":"externalOverride","mStoreFile":"C:\\Users\\dAvInDeR\\Desktop\\KEYSTORE\\keystore.jks","mStorePassword":"1234##abcd","mKeyAlias":"uploadkey","mKeyPassword":"1234##abcd","mStoreType":"jks","mV1SigningEnabled":false,"mV2SigningEnabled":false}
Hope fully it will help you.
Update: Sep 2022
It won't work with the latest version
Fortunately, I found my lost password along with the keystore path and alias name from my Android studio logs.
if you are running linux / Unix based machines.
Navigate to Library Logs directory
cd ~/Library/Logs/
in there if you remember your android studio version which you used to build the last release APK. Navigate to that Directory
ex : cd AndroidStudio1.5/
In there you will find the log files. in any of the log files (idea.log)
you will find your keystore credentials
example
-Pandroid.injected.signing.store.file=/Users/myuserid/AndroidStudioProjects/keystore/keystore.jks,
-Pandroid.injected.signing.store.password=mystorepassword,
-Pandroid.injected.signing.key.alias=myandroidkey,
-Pandroid.injected.signing.key.password=mykeypassword,
I hope this helps for Android Studio users
It may be bit late but it will help someone for sure
You can search password if you remember something otherwise try searching like
signingConfig.storePassword
also if you forgot key alias you can find here that also
search something like signingConfig.keyAlias
Project.gradle\3.3\taskArtifacts\taskArtifacts.bin
Hope it will help someone
After spending almost a day in researching the possible options for recovering the lost keystore password in Android Studio. I found the following 4 possible ways to do it:
Use AndroidKeystoreBrute to retrieve your password. This method is quite useful when you partially forgot your password means you still have some hints of your password in your mind.
You can also retrieve it through Android Studio log files if you have previously released the app(for which you finding the keystore password) with the same machine. Refer to the following directory:
Mac OSX
~/Library/Logs/AndroidStudio/idea.log.1
Linux (Possible Location)
/home/user_name/AndroidStudio/system/log
Windows (Possible Location)
C:\Users\user_name\AndroidStudio\system\log
and search for Pandroid.injected.signing.key.password inside the file. You gonna see the password if you have previously signed the app with the same Android Studio version in which you are looking currently.
You can also retrieve the password through .gradle directory of your project. Look for the following path
project_directory/.gradle/2.4/taskArtifacts/taskArtifacts.bin.
Note: This doesn't seem to work for newer versions of Gradle (2.10 and above).
If none of the above solutions works then you can try this one but for this one also you must have Android Studio IDE app or It's preferences in which your project keystore password have been saved earlier (Using the Remember password option at the time of signing the app). You can get the IDE preferences from the following path:
Mac OSX
~/Library/Logs/AndroidStudio/idea.log.1
Linux (Possible Location)
/home/user_name/AndroidStudio
Windows (Possible Location)
c:\user\username\.AndroidStudio
Just use the older Android Studio IDE if you have or import the preferences of the old IDE into new IDE and also put the keystore file in the same path where it was previously when you had signed it and save the password last time.
In this way once you open the project and try the Build->Generate Signed APK and select the keystore file from the older location. It will automatically retrieve the password and continue to generate the signed APK for release.
Once the release APK generates successfully you can follow the option 2 mentioned earlier to check your password from you log file for the recently generated release APK.
For anyone else who may run across this, I wanted to share an answer that may be the case for you or for others browsing this article (like myself).
I am using Eclipse and created my keystore in it for my 1.0 release. Fast forward 3 months and I wanted to update it to 1.1. When I chose Export... in Eclipse and chose that keystore, none of my passwords that I could remember worked. Every time it said "Keystore tampered with or password incorrect." It got to a point where I was getting ready to run a brute force program on it for as long as I could stand (a week or so) to try to get it to work.
Luckily, I to sign my unsigned .apk file outside of Eclipse. Voila - it worked! My password had been correct the entire time! I'm not sure why, but signing it in Eclipse through the Export menu was reporting an error even when my password was correct.
So, if you're getting this error, here are my steps (taken from Android documentation) to help you get your apk ready for the market.
NOTE: To get unsigned apk from Eclipse: Right-click project > Android Tools > Export Unsigned Application
Sign unsigned apk file with keystore
a. open administrator cmd prompt and go to "c:\Program Files\Java\jdk1.6.0_25\bin" or whatever version of java you have (where you have copied the unsigned apk file and your keystore)
b. at cmd prompt with keystore file and unsigned apk in same directory, type this command: jarsigner -keystore mykeystorename.keystore -verbose unsigned.apk myaliasnamefromkeystore
c. it will say: "Enter Passphrase for keystore:". Enter it and press Return.
d. ===> Success looks like this:
adding: META-INF/MANIFEST.MF
...
signing: classes.dex
e. the unsigned version is overwritten in place, so your signed apk file is now at the same file name as the unsigned one
Use ZipAlign to compact the signed apk file for distribution in the market
a. open admin cmd prompt and go to "c:\AndroidSDK\tools" or wherever you installed the Android SDK
b. enter this command: zipalign -v 4 signed.apk signedaligned.apk
c. ===> Success looks like this:
Verifying alignment of signedaligned.apk (4)
50 META-INF/MANIFEST.MF (OK - compressed)
...
1047129 classes.dex (OK - compressed)
Verification succesful
d. the signed and aligned file is at signedaligned.apk (the filename you specified in the previous command)
========> READY TO SUBMIT TO MARKETPLACE
I'm surprised no one has mentioned this, but you can go to Google Play developer support, and they will work with you to create a new upload key:
https://support.google.com/googleplay/android-developer/contact/otherbugs
I filled an issue, and they contacted me within 1 day.
Update: After following their email instructions I was able to create a new upload key, and it was enabled a few days later! Problem solved.
First download AndroidKeystoreBrute_v1.05.jar and then follow the given image.
prepare one wordlistfile like(wordlist.txt), in that file give your hint like
Password Hint:
users
Users
Password
password
pa55word
Password
#
*
#
$
&
1
2
123
789
U will get your password.
Adding this as another possibility. The answer may be right under your nose -- in your app's build.gradle file if you happened to have specified a signing configuration at some point in the past:
signingConfigs {
config {
keyAlias 'My App'
keyPassword 'password'
storeFile file('/storefile/location')
storePassword 'anotherpassword'
}
}
Do you feel lucky?!
I had the same problem at once.
Even though with App signing by Google Play, loosing keystore or it's password is not a big deal like earlier, Still as a developer we rather prefer to change it's password and use a generated keystore file without waiting for few days to google to handle it.
( To handle this issue with google use this link to make a request)
To handle this issue by ourselves,
First download two .java files from this link.
Then compile the ChangePassword.java by javac ChangePassword.java command.
Then after you may run
java ChangePassword <oldKeystoreFileName.keystore> <newKeystoreFileName.keystore>
Change oldKeystoreFileName.keystore with the path/ name of your current keystore file, and newKeystoreFileName.keystore with path/name for the new generated new keystore file.
This will promot you to
Enter keystore password:
. Just enter whatever you prefer :) no need to be the original password that lost. Then Enter the new password with *
new keystore password:
Voila, that's it. This won't change the checksum of your keystore and won't make any issues in app signing or uploading to play.google events.
IF you're able to build your app from a PC, but you don't recall the password, here's what you can do to retrieve the password:
Method 1:
In your build.gradle, add println MYAPP_RELEASE_KEY_PASSWORD as below:
signingConfigs {
release {
if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
storeFile file(MYAPP_RELEASE_STORE_FILE)
storePassword MYAPP_RELEASE_STORE_PASSWORD
keyAlias MYAPP_RELEASE_KEY_ALIAS
keyPassword MYAPP_RELEASE_KEY_PASSWORD
println MYAPP_RELEASE_KEY_PASSWORD
}
}
}
After that, run cd android && ./gradlew assembleRelease
Method 2:
Run keytool -list -v -keystore your <.keystore file path> e.g. keytool -list -v -keystore ./app/my-app-key.keystore.
It will ask for you to Enter keystore password: Just press enter key here. and you will be able to find mapped to Alias name:
Then, run grep -rn "<your alias name>" . in your terminal and you will be able to see your signing.json file as below:
./app/build/intermediates/signing_config/release/out/signing-config.json
The file will have your password in json format with key "mKeyPassword":" < your password > "
SOLUTION 2018: Sign app with new keystore file if you missing password or jks file.
1) Create new keystore.jks file with comand line (not android studio build menu)
keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
Windows example:
"C:\Program Files\Android\Android Studio\jre\bin\keytool.exe" -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore "C:\keystore_new.jks"
2) Generate a .pem file from new keystore
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
Windows example:
"C:\Program Files\Android\Android Studio\jre\bin\keytool.exe" -export -rfc -alias upload -file "C:\upload_cert.pem" -keystore "C:\keystore_new.jks"
3) Use this support form, set "keystore problem" and with attachment add .pem file:
https://support.google.com/googleplay/android-developer/contact/otherbugs
4) 12-48h you new keystore is enabled. Update your app on playstore with new apk signed with new keystore :D
Open taskHistory.bin and search for storePassword
In Ionic I was able to find it here: /app/platforms/android/app/build/intermediates/signing_config/release/out/signing-config.json
Maybe this will help someone. cheers.
Just to simplify things here, this solution works in 2020 for gradle ver: 5.4.1
Open the file: project\.gradle\5.4.1\executionHistory.bin
Key Store password:
Search for "storePassword" text
For Key Password:
Search for "keyAlias" text
After search check for the password in the same line or the next line.
Android brute force will not work if your both the passwords are different so the best option might be like that try to find the file named as
log.idea
in your
C:/users/your named account
then you might found that in there in android folder open that file lpg.idea in notepad and then search for
alias
using find option in notepad you will find it that the password and alias and alias passwors has been shown there
I have found the password in
C:\Users\{Username}\.AndroidStudio2.2\system\log\idea.txt
Search for
Pandroid.injected.signing.store.password
Go to taskhistory.bin in .gradle folder of your project search password scroll down till you find the password
Today 2/2/2021, I can find my pw in the file name "executionHistory.bin".
Let you open it by notepad++ and search for key keyPassword. See the attached picture below.
https://i.stack.imgur.com/NNHFA.png
There is a way you can reset your password.
Go to this link, Describe your issue (Forgot KeyStore Password) and generate a token.
https://support.google.com/googleplay/android-developer/contact/otherbugs
If you are lucky then within 1 hour you will get a replay. (Generally, it takes up to 2 days).
You will need to generate a new key and upload_certificate.pem and send it to google to reset. Yow will be given instruction in the mail.
To generate upload_certificate.pem go to android studio terminal and type :
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
To summarise there are 3 answers to this question (and the solution is not given by the accepted answer):
If you have your logs intact, then you can find the password in the Android Studio log files as per Georgi Koemdzhiev's answer above.
You can retrieve the password from the 'taskArtifacts.bin' file in your .gradle directory as per ElDoRado1239's and Gueorgui Obregon's answers above. This doesn't seem to work for newer versions of Gradle (2.10 and above).
Use AndroidKeystoreBrute to guess or bruteforce your password as per Srinivas Keerthiprakasam's answer above.
All these 3 solutions are covered in-depth at this link.
C:\Users\admin\AndroidStudioProjects\TrumpetTVChannel2.gradle\2.14.1\taskArtifacts\taskArtifacts.bin
1st try to create new keystore....then open taskArtifacts.bin with notepad and look for password that you just given....you will able to figure out words near to password that you just given then search for these words near to your password in same file....you will able to figure out the password.....:)
Related
How do I sign my android app bundle with the correct signing key?
I was banging my head on the table over this for about two hours. When I finally gave up and was filling out my "reset key" request, I realized that I was currently attempting to upload it to the wrong project the whole time.
So, step one: confirm that you're attempting to upload to the correct project.
I tried using the multiple answers here & in this question, but somehow I was getting this error because I had some issues with my android/app/build.gradle and android/gradle.properties files.
Two things you should check (in addition to the other solutions here) are:
In android/gradle.properties and android/app/build.gradle, make sure your keystore variables match exactly.
In android/gradle.properties, you probably have something like this:
MYAPP_RELEASE_STORE_FILE=<>
MYAPP_RELEASE_KEY_ALIAS=<>
MYAPP_RELEASE_STORE_PASSWORD=<>
MYAPP_RELEASE_KEY_PASSWORD=<>
Make sure these variable names exactly match those in android/app/build.gradle:
android {
...
signingConfigs {
release {
if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
storeFile file(MYAPP_RELEASE_STORE_FILE)
storePassword MYAPP_RELEASE_STORE_PASSWORD
keyAlias MYAPP_RELEASE_KEY_ALIAS
keyPassword MYAPP_RELEASE_KEY_PASSWORD
}
}
}
}
In android/app/build.gradle, make sure you set signingConfig to signingConfigs.release in your release buildTypes:
android {
...
buildTypes {
debug ...
release {
signingConfig signingConfigs.release
}
}
}
The error suggests that you have uploaded an APK or an App Bundle previously. All the artifacts you upload to the Play Console should all be signed with the same keystore.
So the error means that you signed the App Bundle with a key that is different than the ones you have uploaded previously. You have to either find that keystore you used before or reset the key by contacting Play Console support team.
Just rebuild the project and generate signed apk once again and try !
Wasted my 2 days on this, had my keystore key but still showed error and request google for generating new key.... Read some random stackoverflow, where it was written to rebuild the project and try uploading once again.. IT WORKED !
there is **sign in key ** just click and upload with new keystore file that created manually
Read this is you have requested a new upload key from Google Play and still get this error (should work for both native Android and Flutter as well).
I had experienced the same problem. And here's out steps on how to resolve it:
We've lost the upload key (initial keystore file, probably .jks) that was used to sign the app.
We created a new keystore file and exported created certificate to PEM format as stated here in the docs. We sent the request to the Google Play Team to reset our key, attached .pem file.
When Google Play team reset the key we've tried to use the new .jks keystore we had created in the step 2 and the error appeared one more time, unfortunately.
The solution is to clean your project, rebuild it from scratch to reset all the cached builds.
In case of Flutter (we had this error building the app using Flutter). Make sure you use
flutter clean
Build the application on simulator or device.
Then run:
flutter build appbundle --release
This is how it was solved in our case.
PS. This should also help on native Android too.
I got the same error :
In my case, I was trying to upload debug version. That caused me this error.
So I changed below line in app-level Gradle:
signingConfig signingConfigs.debug
With:
signingConfig signingConfigs.release
Well after wasting hours on this problem ,Below Solution works for me -
When you are creating signed bundle it gets saved to some location,
Then when it gets rejected,
you went again to make new Signed Bundle,
Well thats where the mistake happens.
See when now you will create another signed bundle,
you sign it another folder , assuming that previous one was made last time,
, make sure you store the signed key in the "SAME FOLDER",
No need to make any new signed key path ,
JUST use the path you used while doing it for First time.
See this image,
use the same path which you have used during first time
Use the same JKS FILES as you have used for the first time.
NOW WHEN YOU WILL MAKE BUNDLES FILE,
IT WILL BE HAVING THE CORRECT KEY.
Thank You!!!
React Native here!
I got this error after trying to upload the generated .aab file from the ./gradlew bundleRelease command. I fixed it by exporting the .aab file by using Android Studio again. I believe that this is the way to upload your first .aab file to Google Play anyway. In case you don't know how:
In Android Studio:
Open you React Native's project android folder
Go to Build -> Generate Signed Bundle / APK
Select Android App Bundle
Enter your key-store details (if this is your first time doing this, you have to check the Export encrypted key checkbox, which you can use for Google Play App signing) and click Next
When Android Studio finishes it gives you the option to locate the file(s) created
Now if you upload this .aab file, it should be accepted.
Late answer(for any one possibly still struggling with this topic)-
You may have forgot the .jks file of that project.
Search for .jks files in File explorer.
Connect it to your project.
I realized that when I upload apk it gives more detailed error. so maybe try that solve errors and maybe then try app bundle.
hope it helps.
For those who have released apk without a manually generated keystore and facing this issue when trying to release the apk or bundle from a different machine, follow the below steps:
Copy debug.keystore (C:\Users\username\.android\debug.keystore) from the machine which used to build the first version of the App
Select Build > Generate Signed Bundle/APK
Provide the Key store path to the debug.keystore file
Fill the other fields with the default values mentioned below and build
Keystore name: "debug.keystore"
Keystore password: "android"
Key alias: "androiddebugkey"
Key password: "android"
CN: "CN=Android Debug,O=Android,C=US"
Make sure you are using the correct JKS for App Signing.
Common developer error, Android app with multiple flavours sign bundle using different JKS file.
In google play console I solved this issue by going to the aab archive tab and removed all existing versions there. Then I went back to production and choose change key for app signing. After this I could successfully upload my aab file.
I just discarded the previous release and then create a new release and uploaded the app-release.aab.
I have tried nearly everything that for a moment thought it must have been easier.
This is for new releases
If it is a new release just ignore it, create a new release ( create a new app ) and make sure you choose a different package name. This time also make sure there is nothing left between the folder you copied and new project
I got the same error and it consumed my lot time
Here the simple solution just change debug
signingConfig signingConfigs.debug
to release
signingConfig signingConfigs.release
What I did was exclude my android files from git, then when I changed branch and rebuilt, my build.gradle file was overwritten.
I am using expo to build my app bundle. In my case, I had to:
Manually create a new keystore file.
Or download your existing keystore using command expo fetch:android:keystore
Download the Upload certificate of my app from Google Play Console
Import the Upload certificate of the app into the newly created keystore file, giving it a key alias and a password. This is easily done using the java keytool. In MacOS is in the path so issue a keytool -h to see the various commands available.
run expo ba -c , took the manual route and when asked, I specified the keystore file I created in step 1.
I had the same error when building a signed Android App Bundle.
For debug purposes on the local maschine, I enabled debuggable in the release build type.
It seems, Playstore recognized an debug build and simply said it is not a valid Bundle.
build.gradle:
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
//debuggable = true <----- Works like expected when disabled
}
}
This is worked for me!
While uploading apk/bundle first time to play store you might generated
private_key.pepk then your key might be also changed. So if you selected default key alias key0 then make sure you selected proper alias then only proceed. If that steps is correct then your bundle will be upload successfully.
I got the same error :
enter image description here
In my case I changed :
android {
compileSdkVersion 30
with
android {
compileSdkVersion 31
and
targetSdkVersion 30
with
targetSdkVersion 31
and it worked. Hope it will work for you.
if you lost your upload-keystore.jks file then either you have to reset the upload signing key or create a new app with new app bundle.
for reset the upload the key-store.jks follow the link below.He has explained very nicely how to do that. reset the signing key
Wowwww it it took me so long to understand why it is not working....
I changed the app key and send it to google and thy sent me to do:
"
Follow the instructions in the Android Studio Help Center to generate a new key. It must be different from any previous keys. Alternatively, you can use the following command line to generate a new key:
keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
This key must be a 2048 bit RSA key and have 25-year validity.
Export the certificate for that key to PEM format:
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
Reply to this email and attach the upload_certificate.pem file.
"
i did it and the 1 thing that miss is to change in my keyAlias in the build.gradle to upload 🤦♂️
If you are using Fastlane, just check that you are actually typing the right passwords.
When trying to run the flow to upload to the play store, I was typing wrong the passwords for the signing store and alias key.
If you are publishing app to playstore and find error Your Android App Bundle is signed with the wrong key. Ensure that your app bundle is signed with the correct signing key and try again:
Then,
If you have not generated/changed app bundle or rebuild/clean project before reaching the current state displayed in pic then make sure to make new app project on play console as play console might be mixing the two keys.
image
It Worked for me with this solution
I rebuild the project in Android Studio then i changed the version code, and export the project with new keystore
in my console i deleted the release and create a new release and it worked good
I am trying desperately to export my signed APK after building my Unity project for Android as a "Google development build" and opening it in Android Studio.
I have looked at several other questions and am trying to follow https://developer.android.com/studio/publish/app-signing.html but am having a problem creating my keystore. I have followed the tutorial verbatim but can't create a valid path for the keystone -
I don't understand what I need to do. I have tried /home/users/keystores/android.jks I have tried /home/users/keystores/myprojectname.jks and just sticking it on my desktop. These are the errors Im getting-
I have tried locating android.jks but can't find anything using finder. Is it because I am on a mac? What am I doing wrong here? How can I generate my keystore so I can publish?
/home/users/keystores/ is most likely not a valid path on your mac. Try to create the keystore in a valid location like in your user's home directory:
/home/YOUR_USERNAME/
Verify that the keystore file has been created in that location.
#skyguy You have to create a keystore first using the keytool.
The keygen tool can be accessed via command line and is already included in the JDK.
If you scroll down that link I posted in my comment above, you will see the following example -
Suppose you want to create a keystore for managing your public/private key pair and certificates from entities you trust.
Generating Your Key Pair The first thing you need to do is create a
keystore and generate the key pair. You could use a command such as
the following:
keytool -genkeypair -dname "cn=Mark Jones, ou=JavaSoft, o=Sun, c=US"
-alias business -keypass kpi135 -keystore /working/mykeystore
-storepass ab987c -validity 180 (Please note: This must be typed as a single line. Multiple lines are used in the examples just for legibility purposes.)
This command creates the keystore named "mykeystore" in the "working"
directory (assuming it doesn't already exist), and assigns it the
password "ab987c". It generates a public/private key pair for the
entity whose "distinguished name" has a common name of "Mark Jones",
organizational unit of "JavaSoft", organization of "Sun" and
two-letter country code of "US". It uses the default "DSA" key
generation algorithm to create the keys, both 1024 bits long.
It creates a self-signed certificate (using the default "SHA1withDSA"
signature algorithm) that includes the public key and the
distinguished name information. This certificate will be valid for 180
days, and is associated with the private key in a keystore entry
referred to by the alias "business". The private key is assigned the
password "kpi135".
The command could be significantly shorter if option defaults were
accepted. As a matter of fact, no options are required; defaults are
used for unspecified options that have default values, and you are
prompted for any required values. Thus, you could simply have the
following:
keytool -genkeypair
In this case, a keystore entry with alias "mykey" is created, with a newly-generated key pair and a certificate
that is valid for 90 days. This entry is placed in the keystore named
".keystore" in your home directory. (The keystore is created if it
doesn't already exist.) You will be prompted for the distinguished
name information, the keystore password, and the private key password.
The rest of the examples assume you executed the -genkeypair command
without options specified, and that you responded to the prompts with
values equal to those given in the first -genkeypair command, above (a
private key password of "kpi135", etc.)
Once you have created a keystore, you can point to its location and sign your apk.
I'm developing android app under intellij and gradle. and using following way to generate keystore file:
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
then used the keystore file in build.gradle:
signingConfigs {
robert {
storePassword 'robert'
storeFile file('/Users/bournewang/Documents/Project/android.keystore')
keyPassword 'robert'
keyAlias 'mike'
}
}
when finally trying to generate signed apk file: ./gradlew assembleRelease
it gives the error:
Execution failed for task ':Myexample:packageRelease'.
Failed to read key from keystore
In order to find out what's wrong you can use gradle's signingReport command.
On mac:
./gradlew signingReport
On Windows:
gradlew signingReport
Check your keystore file for first, in you example you creating file with name my-release-key.keystore. If its correct and really present in folder Users/bournewang/Documents/Project check alias, in your example it is -alias alias_name, but in config you specified alias mike
Most likely that your key alias does not exist for your keystore file.
This answer should fix your signing issue ;)
Removing double-quotes solve my problem, now its:
DEBUG_STORE_PASSWORD=androiddebug
DEBUG_KEY_ALIAS=androiddebug
DEBUG_KEY_PASSWORD=androiddebug
In my case, while copying the text from other source it somehow included the space at the end of clipboard entry. That way the key password had a space at the end.
For me this worked.
Go to <your_app_name>/android.
On the terminal use ./gradlew signingReport for Mac OS and gradlew signingReport for Windows.
Check if each element of each task has a Variant, Config, Store, Alias, MD5, SHA1, SHA-256, Valid until. If so you should be good.
If any of the above are absent then try to regenerate the key store by following the instructions on this page.
Copy the key store file and paste it inside <your_app_name>/android/app.
Some things that I was doing wrong while generating the key store file were.
Using quotations on MYAPP_UPLOAD_..._PASSWORD's.
MYAPP_UPLOAD_STORE_PASSWORD="Password123"
MYAPP_UPLOAD_KEY_PASSWORD="Password123"
I used \J4ct#RD as a password and it did not work. I later changed the password to something that was just aplphanumeric and it worked.
In Android Studio go to Build > Clean Project then re-generate signed APK using Build > Generate Signed Bundle / APK... and then clear password-fields and re-enter your passwords
For someone not using the signing configs and trying to test out the Cordova Release command by typing all the parameters at command line, you may need to enclose your passwords with single quotes if you have special characters in your password
cordova run android --release -- --keystore=../my-release-key.keystore --storePassword='password' --alias=alias_name --password='password'
The big thing is either the alias or the other password is wrong. Kindly check your passwords and your issue is solved. Incase you have forgotten password, you can recover it from the androidStuido3.0/System/Log ... Search for the keyword password and their you are saved
Make sure you have correct the folliwn
keystore file path
keystore alies name
keystore password
keystore in android/key.properties
in my case for some reason, after updating android studio to the last stable version, the password that was always by default got changed, i just had to set correct password again and it worked
Depending on where you generated the keyfile, keytool might refer to a different binary, running on a different JVM version. These are not necessarily compatible, try adjusting the versions.
I got same error today.
Execution failed for task ':app:packageRelease'.
A failure occurred while executing com.android.build.gradle.tasks.PackageAndroidArtifact$IncrementalSplitterRunnable
com.android.ide.common.signing.KeytoolException: Failed to read key news from store "E:\keystore\news.jks": Keystore was tampered with, or password was incorrect
I had same key password and key store password. But i wrote a wrong password.
It could be any one of the parameter, not just the file name or alias - for me it was the Key Password.
The new Android Studio allows us to save keystore passwords for later use. Where are these passwords stored on my computer (OSX), and is there a way to retrieve the saved values?
EDIT
I am looking for the Alias password, not the Keystore password
You can find this in the idea.log files generated by Android Studio:
Search for "Pandroid.injected.signing.key.password" and you can see the key password.
Example logs:
2015-11-13 10:22:48,844 [ 709463] INFO -
a.gradle.invoker.GradleInvoker - Build command line options:
[--configure-on-demand, -Pandroid.injected.invoked.from.ide=true,
-Pandroid.injected.signing.st ore.file=/Users/varun/Projects/myapp/mykey.jks,
-Pandroid.injected.signing.store.password=mykeystorepassword, -Pandroid.injected.signing.key.alias=myalias, -Pandroid.injected.signing.key.password=mykeypassword , -Pandroid.injected.apk.location=/Users/varun/code/android/workspace/myapp,
--init-script, /private/var/folders/vk/z504nlhd6v30p7zvtgjp5sjm0000gn/T/asLocalRepo0.gradle]
Note 1: On OSX the idea.log file can be found at ~/Library/Logs/AndroidStudio2.0
Note 2: If you don't find the password in idea.log, then also look at the files called idea.log.1, idea.log.2 and so on.
Source
On macOS the latest versions of Android Studio (tested on 3.2) store keystore/key passwords in the Keychain under the following items:
org.jetbrains.android.exportSignedPackage.KeystoreStep$KeyStorePasswordRequestor
org.jetbrains.android.exportSignedPackage.KeystoreStep$KeyPasswordRequestor
The former stores the password of the keystore itself, and the latter – the password to the key.
You can access them using system Keychain Access app. Locate corresponding entry and double-click it. The Account field should contain the path to your keystore or the path to the key alias within the keystore in the following form:
KEY_STORE_PASSWORD__/Users/username/keystorename or KEY_STORE_PASSWORD__/Users/username/keystorename__alias
Click Show password and enter your macOS password when requested. That's it!
Method 1: Read from gradle build runtime
Step 1: add below code to app/build.gradle
afterEvaluate {
if (project.hasProperty("android.injected.signing.store.file")) {
println "key store path: ${project.property("android.injected.signing.store.file")}"
}
if (project.hasProperty("android.injected.signing.store.password")) {
println "key store password: ${project.property("android.injected.signing.store.password")}"
}
if (project.hasProperty("android.injected.signing.key.alias")) {
println "key alias: ${project.property("android.injected.signing.key.alias")}"
}
if (project.hasProperty("android.injected.signing.key.password")) {
println "key password: ${project.property("android.injected.signing.key.password")}"
}
}
Step 2: from menu Build -> Generate Signed apk/bundle to start a build.
Step 3: open Build window located in Android Studio's bottom, lookup key store info
Method 2: Read from Idea persistent storage
I wrote a Idea plugin, named RestoreKeystorePlugin
Step 1: download jar file from download link
Step 2: install the plugin to Android Studio
then restart Android Studio if required
Step 3: select Tools -> Restore Keystore Info menu, it will show key store info on a dialog
For anyone attempting keystore password recovery on more recent versions of Android Studio and Ubuntu, it seems that most documented suggestions to recover the password from logs, gradle, etc no longer work. Corneliu's excellent brute force script is great - unless you chose a 16 character password with no dictionary words in it and would like a result some time this month :) Using the Intellij security.xml solution is no longer available to retrieve saved passwords from Android Studio either, as far as I can tell.
However - having dug around a bit, Android Studio 3.1 seems to use the OS keychain in Ubuntu 18.04, so retrieving a saved keystore password is as simple as:
open 'Passwords and Keys' (use super key and search 'password')
filter results by 'android'
look at each entry, they will be
something like org.jetbrains.android...KeyPasswordRequestor, and
open each one up in turn
expand the password dropdown and select
'Show password', it will look something like:
KEY_STORE_PASSWORD__/home/pathto/keystore/keystore-name.jks#mycoolpassword
Find the keystore you're looking for and the bit after # is your missing password. Hope that helps someone out there!
Gradle stores them within your project directory in a binary file. You can get them like this (from the project directory):
strings .gradle/GRADLE_VERSION/taskArtifacts/taskArtifacts.bin | grep storePassword -A1
(Thanks to https://stackoverflow.com/a/33624636/1982087 for the taskArtifacts.bin pointer)
look for the log file from the date which you had signed your apk and you can find your key info there like below.
-Pandroid.injected.signing.store.password=[store_password],
-Pandroid.injected.signing.key.alias=[alias],
-Pandroid.injected.signing.key.password=[key_password]
you can find your log files under
C:\Users\username.AndroidStudio[versionNum]\system\log\
I had the same problem!
it makes me crazy but I found a little script that it´s saves me: https://github.com/corneliudascalu/intellij-decrypt
I think it could help you.
Good Look
I've followed the steps delineated in Lee's android book on generating an MD5 fingerprint:
At a command prompt, I navigated to: C:\Program Files\Java\jre7\bin
I then entered:
keytool.exe ... C:\Users\Clay.android\debug.keystore
... (etc. - from p. 112 of "Beginning Android Tablet Application Development" by Wei-Meng Lee)
It generates a code like this:
:
CC:AB:1E:GD:E8:18:29:3A:25:3D:B9:19:23:F1:10:3C:15:14:CF:2B
When I enter this at http://code.google.com/android/add-ons/google-apis/maps-api-signup.html, it takes me to another page that tells me that the entered value is invalid ("The fingerprint you entered is not valid. Please press the Back button on your browser and enter a valid certificate fingerprint")
Note: I did not add the "" portion. I tried it with and without the colon separators.
As it says it is MD5 that is needed, and the values is apparently SHA1, do I need to convert this SHA1 to MD5? If so, how?
If you use JDK 7 keytool, add the -v option. It will include the MD5 fingerprint in it's output.
You need to generate the key with the JDK6 keytool.
EDIT after answer was accepted:
As stated in the other answer, you can also use JDK7 keytool with the -v parameter.
Go to: http://www.cafewebmaster.com/online_tools/sha1
Put your sha1(fingerprint) value into the textbox and the tool will automatically convert it into MD5 Fingerprint. Hope this will solve your issue.