Stack Overflow
Stack Overflow

Questions tagged [android-keystore]

The Android system requires that all installed applications be digitally signed with a certificate whose private key is held by the application's developer. "Android keystore" may also refer to Android Keystore System, introduced in API level 18, which allows storing cryptographic keys securely within an app.

Android requires that all apps be digitally signed with a certificate before they can be installed. Android uses this certificate to identify the author of an app, and the certificate does not need to be signed by a certificate authority. Android apps often use self-signed certificates. The app developer holds the certificate's private key.

"Android keystore" may also refer to Android Keystore System, introduced in API level 18, which allows storing cryptographic keys securely within an app.

Useful links

882 questions
526
votes
37 answers

SHA-1 fingerprint of keystore certificate

Is the method for getting an SHA-1 fingerprint the same as the method of getting the fingerprint? Previously, I was running this command: It's not clear to me if the result I'm getting is the SHA-1 fingerprint. Can somebody clarify this?
user2208349
  • 6,299
  • 5
  • 24
  • 33
286
votes
6 answers

How do I find out which keystore was used to sign an app?

I have an app which is signed and several keystore files. I'd like to update the app, so I need to find out which one of keys was used. How can I match which keystore was used to originally sign my app against various keystores I have on my machine?
xliiv
  • 4,509
  • 5
  • 26
  • 33
269
votes
10 answers

I can’t find the Android keytool

I am trying to follow the Android mapping tutorial and got to this part where I had to get an API key. I have found my debug.keystore but there does not appear to be a keytool application in the directory: C:\Documents and…
Tim
  • 2,925
  • 3
  • 15
  • 12
261
votes
6 answers

How do I verify that an Android apk is signed with a release certificate?

How can I check that an Android apk is signed with a release and not debug cert?
Vadivelan
  • 2,715
  • 2
  • 13
  • 6
195
votes
10 answers

keytool error :java.io.IoException:Incorrect AVA format

I am new to Android development; when I have been trying to sign the application I have got the following error. Can anyone help me on this issue? keytool error :java.io.IoException:Incorrect AVA format I have found some solution on the forums, for…
pallavi
  • 1,951
  • 2
  • 10
  • 3
140
votes
6 answers

I have never set any passwords to my keystore and alias, so how are they created?

As I was going through some posts on the Internet learning more about signing your Android app, I got post like how to sign the app, and something about what if you have lost your keystore file or password. The question I am here to ask is that, I…
Anas Azeem
  • 2,750
  • 3
  • 21
  • 36
122
votes
21 answers

Facebook Android Generate Key Hash

Trying to create an android app with Facebook integration, I've gotten to the part in the docs where you have to generate a key hash file, it specifies to run the following code keytool -exportcert -alias androiddebugkey -keystore…
Scott
  • 2,719
  • 4
  • 21
  • 23
122
votes
5 answers

I don't remember my android debug.keystore password

How can i see my debug.keystore password? I entered my password 3 or 4 month ago and now i don't remember. If it is impossible, how can i create new debug.keystore?
John Error
  • 1,676
  • 5
  • 15
  • 22
106
votes
14 answers

Android Studio: cannot recover key

I have searched StackOverflow for a while, but I just wanted to make sure... I wiped my laptop a while ago, and backed up all my files. I have my android.jks file backed up, and it's back in place. When I try to generate a signed APK, it's giving me…
wasimsandhu
  • 4,303
  • 8
  • 23
  • 35
93
votes
7 answers

Can I use the same keystore file to sign two different applications?

I have to upload a new application, It's just the design that's a little different. Yesterday I generated the keystore file to sign application. Can I use the same?
Raluca Lucaci
  • 1,868
  • 2
  • 17
  • 35
69
votes
3 answers

Echo off in Jenkins Console Output

I'm following guideline how to sign Android apk with Jenkins. I have parametrized Jenkins job with KSTOREPWD and KEYPWD. A part of Jenkins' job configuration (Build->Execute shell) is to take those parameters and store them as environment…
Marian Paździoch
  • 7,671
  • 9
  • 49
  • 88
56
votes
2 answers

Chain is null when retrieving private key

I'm encrypting data in my app using a RSA keypair that I am storing in the Android keystore. I've been seeing NullPointerExceptions in the Play Store, but I have not been able to reproduce them: java.lang.NullPointerException: chain == null at…
AesSedai101
  • 1,474
  • 2
  • 24
  • 37
56
votes
3 answers

How Can I Use the Android KeyStore to securely store arbitrary strings?

I would like to be able securely store some sensitive strings in the Android KeyStore. I get the strings from the server but I have a use case which requires me to persist them. KeyStore will only allow access from the same UID as that assigned to…
Patrick Brennan
  • 2,568
  • 3
  • 18
  • 28
42
votes
1 answer

Android Fingerprint API Encryption and Decryption

I am using the Android M Fingerprint API to allow users to login to the application. To do this I would need to store the username and password on the device. Currently I have the login working, as well as the Fingerprint API, but the username and…
Bryan
  • 13,244
  • 9
  • 62
  • 114
40
votes
4 answers

Android Keystore Error "could not generate key in keystore"

I get an error trying to generate a key for certain devices. I'm able to reproduce the error on a Samsung Galaxy Note running 4.4.2. java.lang.IllegalStateException: could not generate key in keystore at…
Eric
  • 409
  • 4
  • 5
1
2 3
58 59