How can I create a keystore?
Asked Answered
P

13

725

What are the steps to create a keystore for android?

I need to use google maps in my app and I don't know what steps I missed. Please provide me with the specific detailed steps (I didn't understand it from the guides).

Pompidou answered 22/10, 2010 at 14:23 Comment(7)
Have you already done anything, or are you looking for recommendations to get started?Agrestic
Those are the following steps i had done: 1-install eclipse 2- install jdk 3- install sdk 4- install android plugin. i didnt manage to execute the command in win cmd, the command: $ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000 (which generates a private key). thanksPompidou
@user482762: did CommonsWare's answer work for you? Why didn't you manage to execute the win cmd?Agrestic
CommonsWare's answer dosen't work for me, When i try to execute the commands in the cmd,i get an error massage: "$ is not recognized as an internal or external command,operable program or batch file". thanks for your helpPompidou
Ah! You don't want to actually type the $. On Windows, when you use the command line (the cmd application), the input prompt usually looks like DRIVE:/DIRECTORY>, like "c:\" . On unix, the prompt often looks like "$" or just ">". The "$" in the command is meant to represent the input prompt, not part of the command. Try running keytool with all the arguments, without the $.Agrestic
@user482762: please accept CommonsWare's answer, then, as his answer was correct to get things moving.Agrestic
refer to this : docs.oracle.com/cd/E19509-01/820-3503/ggfen/index.htmlZibeline
A
741

To answer the question in the title, you create a keystore with the Java Keytool utility that comes with any standard JDK distribution and can be located at %JAVA_HOME%\bin. On Windows this would usually be C:\Program Files\Java\jre7\bin.

On Windows, open a command window and switch to that directory. On Linux type OS do the same with a terminal. Then run:

keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000

Keytool prompts you to provide passwords for the keystore, provide the Distinguished Name fields and then the password for your key. It then generates the keystore as a file called my-release-key.keystore in the directory you're in. The keystore and key are protected by the passwords you entered. The keystore contains a single key, valid for 10000 days. The alias_name is a name that you — will use later, to refer to this keystore when signing your application.

For more information about Keytool, see the documentation at: http://docs.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html

and for more information on signing Android apps go here: http://developer.android.com/tools/publishing/app-signing.html

Aggie answered 11/3, 2013 at 2:6 Comment(12)
Good shout on defining -keysize 2048 rather than default 1024 personally I'm now using 4096Bronchopneumonia
for information, in my case,I need to open the command window with admin rightsDeen
This gives me: E/TokenRequestor: You have wrong OAuth2 related configurations, please check. Detailed error: UNREGISTERED_ON_API_CONSOLE I've already created a credential by entering my SHA1 in the API console.Cryolite
Direct link to documentation on manually generating keystore: developer.android.com/studio/publish/…Raze
I've used this command which sets the 2 passwords so that you skip some of the prompts: keytool -genkey -v -keystore debug.keystore -storepass android -alias android -keypass android -keyalg RSA -keysize 2048 -validity 10000. Then to generate the SHA-1 that you need to put in Firebase do: keytool -list -v -keystore debug.keystore -alias android -storepass android -keypass androidRosaline
Test your results right away and receive the fingerprints off your creation: keytool -list -v -keystore my-release-key.keystore -alias alias_name -storepass mypassword -keypass mypasswordHeadset
What is the alias password?Churchless
please amend your answer to be clear that this also works in Linux. It's not clear by the sentence that is just before the keytool commandVenation
NOTE: to be able to set password for keystore AND key you have to use Java 8 and not Java 11Vaillancourt
Creating a keystore from android studio never worked in my case. Only CLI method as explained here worked.Monteria
where is the path on generated file key?Warpath
@AlbertoAcuña, the path is the directory you run the keytool command in. Once created, you can move that to another directory if you prefer, but remember to update all references to it in your IDE.Trademark
S
197

Signing Your App in Android Studio

To sign your app in release mode in Android Studio, follow these steps:

1- On the menu bar, click Build > Generate Signed APK.


2-On the Generate Signed APK Wizard window, click Create new to create a new keystore. If you already have a keystore, go to step 4.


3- On the New Key Store window, provide the required information as shown in figure Your key should be valid for at least 25 years, so you can sign app updates with the same key through the lifespan of your app.

enter image description here

4- On the Generate Signed APK Wizard window, select a keystore, a private key, and enter the passwords for both. Then click Next.enter image description here

5- On the next window, select a destination for the signed APK and click Finish. enter image description here

referance

http://developer.android.com/tools/publishing/app-signing.html

Stephen answered 14/4, 2015 at 7:36 Comment(2)
While this answer is correct, it's only convenient if you already have android studio installed.Wachtel
While this answer is correct, you can even don't have Build > Generate Signed Bundle/APK...! Because if you clone a project and try to compile it, it will require keystore.jks, but to create keystore.jks you have to build gradle files in order to enable the menu! To overcome this obstacle, you should edit build.gradle and comment signingConfig signingConfigs.release, then comment lines that set keystore properties. After that sync build.gradle and try to compile (Ctrl+F9) again.Fuchsia
H
133

I was crazy looking how to generate a .keystore using in the shell a single line command, so I could run it from another application. This is the way:

echo y | keytool -genkeypair -dname "cn=Mark Jones, ou=JavaSoft, o=Sun, c=US" -alias business -keypass kpi135 -keystore /working/android.keystore -storepass ab987c -validity 20000
  • dname is a unique identifier for the application in the .keystore

    • cn the full name of the person or organization that generates the .keystore
    • ou Organizational Unit that creates the project, its a subdivision of the Organization that creates it. Ex. android.google.com
    • o Organization owner of the whole project. Its a higher scope than ou. Ex.: google.com
    • c The country short code. Ex: For United States is "US"
  • alias Identifier of the app as an single entity inside the .keystore (it can have many)

  • keypass Password for protecting that specific alias.
  • keystore Path where the .keystore file shall be created (the standard extension is actually .ks)
  • storepass Password for protecting the whole .keystore content.
  • validity Amout of days the app will be valid with this .keystore

It worked really well for me, it doesnt ask for anything else in the console, just creates the file. For more information see keytool - Key and Certificate Management Tool.

Highgrade answered 22/1, 2015 at 22:21 Comment(7)
I have never had that sort of error but try doing touch /path/file.keystore and point that with the storepass parameter.Highgrade
works great! my only change is that I use the extension .jks for AndroidMeerkat
jks is the official keystore extension for java in general, yet keystore is the one recommended to be use for android apps instead.Highgrade
@eliasbagley that is because the command -storepass as written above started on another line. Write everything on a single line and it'll be fine.Prot
Using a relative path like ./file.keystore might be easier because creates it in the current directory where your user hopefully has permissions, while using /path/file.keystore requires that your user have permissions to the FULL path from the / and that the /path/ folder exists.Buchner
why buffering the y with the echo y?Venation
Because of the (Y)es/(N)o confirmationHighgrade
C
100

Create keystore file from command line :

  1. Open Command line:

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved
    
    // (if you want to store keystore file at C:/ open command line with RUN AS ADMINISTRATOR)
    
    C:\Windows\system32> keytool -genkey -v -keystore [your keystore file path]{C:/index.keystore} -alias [your_alias_name]{index} -keyalg RSA -keysize 2048 -validity 10000[in days]
    
  2. Enter > It will prompt you for password > enter password (it will be invisible)

    Enter keystore password:
    Re-enter new password:
    
  3. Enter > It will ask your detail.

    What is your first and last name?
     [Unknown]:  {AB} // [Your Name / Name of Signer] 
    What is the name of your organizational unit?
     [Unknown]:  {Self} // [Your Unit Name] 
    What is the name of your organization?
     [Unknown]:  {Self} // [Your Organization Name] 
    What is the name of your City or Locality?
     [Unknown]:  {INDORE} // [Your City Name] 
    What is the name of your State or Province?
     [Unknown]:  {MP} //[Your State] 
    What is the two-letter country code for this unit?
     [Unknown]:  91
    
  4. Enter > Enter Y

    Is CN=AB, OU=Self, O=Self, L=INDORE, ST=MP, C=91 correct?
    [no]:  Y
    
  5. Enter > Enter password again.

    Generating 2,048 bit RSA key pair and self-signed certificate    (SHA256withRSA) with a validity of 10,000 days
        for: CN=AB, OU=Self, O=Self, L=INDORE, ST=MP, C=91
    Enter key password for <index> (RETURN if same as keystore password):
    Re-enter new password:
    

[ Storing C:/index.keystore ]

  1. And your are DONE!!!

Export In Eclipse :

Export your android package to .apk with your created keystore file

  1. Right click on Package you want to export and select export enter image description here

  2. Select Export Android Application > Next enter image description here

  3. Next
    enter image description here

  4. Select Use Existing Keystore > Browse .keystore file > enter password > Next enter image description here

  5. Select Alias > enter password > Next enter image description here

  6. Browse APK Destination > Finish enter image description here

In Android Studio:

Create keystore [.keystore/.jks] in studio...

  1. Click Build (ALT+B) > Generate Signed APK...
    enter image description here

  2. Click Create new..(ALT+C)
    enter image description here

  3. Browse Key store path (SHIFT+ENTER) > Select Path > Enter name > OK enter image description here

  4. Fill the detail about your .jks/keystore file enter image description here

  5. Next
    enter image description here

  6. Your file
    enter image description here

  7. Enter Studio Master Password (You can RESET if you don't know) > OK enter image description here

  8. Select *Destination Folder * > Build Type

    release : for publish on app store
    debug : for debugging your application
    

    Click Finish

    enter image description here

Done !!!

Compurgation answered 15/5, 2015 at 7:33 Comment(0)
G
30

This tutorial:

“sign-your-android-applications-for.html”

Archived here: https://web.archive.org/web/20181002011446/http://techdroid.kbeanie.com/2010/02/sign-your-android-applications-for.html

was very helpful for me the first time I had to create a keystore. It is simple but the instructions on developer.android.com are a little too brief.

The part I was unsure about was where to save and what name to give the keystore file.

I seems it doesn't matter where you put it just be sure to keep it safe and keep a number of backups. I just put it in my app directory

Name the file "something.keystore" where something can be whatever you want. I used app_name.keystore, where app_name was the name of my app.

The next part was what to name the alias. Again it doesn't seem to matter so again I just used the app_name again. Keep the passwords the same as you used before. Fill out the rest of the fields and you are done.

Genetic answered 5/12, 2012 at 13:39 Comment(2)
that's the problem with link answers.. :( expiredLobel
here's what archive.org archived from that page before it went down. This snapshot is from 2019: web.archive.org/web/20181002011446/http://techdroid.kbeanie.com/…Blithering
R
19

Use this command to create debug.keystore

keytool -genkey -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android -keyalg RSA -keysize 2048 -validity 10000 -dname "CN=Android Debug,O=Android,C=US"
Rove answered 14/9, 2015 at 12:20 Comment(0)
W
14

I followed this guide to create the debug keystore.

The command is:

keytool -genkeypair -alias androiddebugkey -keypass android -keystore debug.keystore -storepass android -dname "CN=Android Debug,O=Android,C=US" -validity 9999
Whiteside answered 5/8, 2014 at 13:34 Comment(0)
G
6

First thing to know is wether you are in Debug or Release mode. From the developer site "There are two build modes: debug mode and release mode. You use debug mode when you are developing and testing your application. You use release mode when you want to build a release version of your application that you can distribute directly to users or publish on an application marketplace such as Google Play."

If you are in debug mode you do the following ...
A. Open terminal and type:

keytool -exportcert -alias androiddebugkey -keystore path_to_debug_or_production_keystore -list -v

Note: For Eclipse, the debug keystore is typically located at ~/.android/debug.keystore...

B. when prompted for a password simply enter "android" ...

C. If you are in Release mode follow the instructions on...

http://developer.android.com/tools/publishing/app-signing.html <-- this link pretty much explains everything you need to know.

Groceryman answered 11/3, 2014 at 3:10 Comment(0)
S
3

I'd like to suggest automatic way with gradle only

** Define also at least one additional param for keystore in last command e.g. country '-dname', 'c=RU' **

apply plugin: 'com.android.application'

// define here sign properties
def sPassword = 'storePassword_here'
def kAlias = 'keyAlias_here'
def kPassword = 'keyPassword_here'

android {
    ...
    signingConfigs {
        release {
            storeFile file("keystore/release.jks")
            storePassword sPassword
            keyAlias kAlias
            keyPassword kPassword
        }
    }
    buildTypes {
        debug {
            signingConfig signingConfigs.release
        }
        release {
            shrinkResources true
            minifyEnabled true
            useProguard true
            signingConfig signingConfigs.release
            proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
        }
    }
    ...
}

...

task generateKeystore() {
    exec {
        workingDir projectDir
        commandLine 'mkdir', '-p', 'keystore'
    }
    exec {
        workingDir projectDir
        commandLine 'rm', '-f', 'keystore/release.jks'
    }
    exec {
        workingDir projectDir
        commandLine 'keytool', '-genkey', '-noprompt', '-keystore', 'keystore/release.jks',
            '-alias', kAlias, '-storepass', sPassword, '-keypass', kPassword, '-dname', 'c=RU',
            '-keyalg', 'RSA', '-keysize', '2048', '-validity', '10000'
    }
}

project.afterEvaluate {
    preBuild.dependsOn generateKeystore
}

This will generate keystore on project sync and build

> Task :app:generateKeystore UP-TO-DATE
> Task :app:preBuild UP-TO-DATE
Saltire answered 18/7, 2019 at 5:56 Comment(3)
where are those jks files coming from why everybody behaves as if this is a secretLaurentian
@Laurentian /app/keystore/release.jksSaltire
@Laurentian The jks contains the private key that is used to sign the app. So technically the jks isn't a secret but it does contain the secret, so you don't want it to fall in malicious hands.Glutamate
S
3

based on @EliuX answer, Latest tools compatible with app bundle

echo y | keytool -genkey -keystore ./android.jks -dname "n=Mark Jones, ou=JavaSoft, o=Sun, c=US" -alias android -keypass android  -storepass android -keyalg RSA -keysize 2048 -validity 2000

For your build.gradle

    signingConfigs {
        debug {
            storeFile file('android.jks')
            keyAlias 'android'
            keyPassword 'android'
            storePassword 'android'
        }
    }
Sturdy answered 5/10, 2021 at 11:56 Comment(0)
H
2

You can create your keystore by exporting a signed APK. When you will try to export/build a signed APK, it will ask for a keystore.

You can choose your existing keystore or you can easily create a new one by clicking create new keystore

Here a link very useful and well-explained of how to create your keystore and generate a signed APK

THis link explained how to do it with Android Studio, but if I remember, it is pretty similar on Eclipse

WATCH OUT

Once you generate your keystore, keep it somewhere safe because you will need it to regenerate a new signed APK.

How do I export a project in the Android studio?

Hath answered 7/8, 2014 at 12:50 Comment(0)
H
0

Try this

keytool -genkeypair -keyalg RSA -keysize 2048 -alias upload -keystore my_name.jks -validity 365000
Heinrike answered 11/11, 2023 at 14:37 Comment(0)
F
-3

If you don't want to or can't use Android Studio, you can use the create-android-keystore NPM tool:

$ create-android-keystore quick

Which results in a newly generated keystore in the current directory.

More info: https://www.npmjs.com/package/create-android-keystore

Forejudge answered 29/7, 2019 at 18:5 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.