Convert .keystore to .jks to sign apk
Asked Answered
P

1

18

I have an android app that I am trying to protect using quixxi.com however it requires me to sign the app again. But to do this it has to use .jks files but my keystore is .keystore

I am using Xamarin.Android in C# with Visual Studio 2017

Is there any way around this?

Pull answered 19/4, 2018 at 15:13 Comment(0)
H
31

If you are using a Java keystone to sign your Android apps (Xamarin-based or not) then the odds are 99.999% that the XXX.keystore that you are using to sign your Xamarin.Android apps is already in JKS format and not PKCS12 format.

A quick way of checking is to dump your keystone in RFC format and review the Keystore type: field.

Example:

/usr/bin/keytool -list -rfc -keystore debug.keystore |grep "Keystore type"

Output:

Enter keystore password:

*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in your keystore  *
* has NOT been verified!  In order to verify its integrity, *
* you must provide your keystore password.                  *
*****************  WARNING WARNING WARNING  *****************

Keystore type: JKS

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore debug.keystore -destkeystore debug.keystore -deststoretype pkcs12".

Example (non-filtered):

/usr/bin/keytool -list -rfc -keystore sushi.keystore 

Output:

Enter keystore password:

*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in your keystore  *
* has NOT been verified!  In order to verify its integrity, *
* you must provide your keystore password.                  *
*****************  WARNING WARNING WARNING  *****************

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: androiddebugkey
Creation date: Aug 20, 2017
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
-----BEGIN CERTIFICATE-----
MIIDDTCCAfWgAwIBAgIEeCTY/jANBgkqhkiG9w0BAQsFADA3MQswCQYDVQQGEwJV
~~~~
KvHIbSHVBsryiyCwPJkXP6A=
-----END CERTIFICATE-----


*******************************************
*******************************************

If you actually need to convert a PKCS12 type store to new JKS keystore type file:

keytool -importkeystore -srckeystore somekeystore.pkcs12 -destkeystore somenewkeystore.jks -deststoretype jks
Hyp answered 19/4, 2018 at 15:43 Comment(8)
Where do I write the code for converting a PKCS12 to JKS?Pull
@Pull What to you mean where? keytool is a cmd-line utilityHyp
is there anyway of doing this in visual studio? cmd said "'keytool' is not recognised as an internal or external command, operable program or batch file"Pull
@Pull no, keytool is a part of the java install, look in C:\Program Files\Java\jdk(some version number)\binHyp
oh ok sorry I am new to this, and where do I write the line? in the command prompt? it said "'keytool' is not recognised as an internal or external command, operable program or batch file" when I tried using Command PromptPull
if you are on a Windows machine just copy the debug.keystore file into the C:\Program Files\Java\#jdk_version#\bin folder, open a terminal window from this folder and run: keytool -list -rfc -keystore debug.keystoreAliform
keytool -list -rfc -keystore debug.keystore returns keytool error: java.io.IOException: Invalid keystore formatApprobation
Thank you very much! I was able to convert a .keystore key that was actually of PKCS12 into a .jks to setup a React Native app on Expo.Bergamo

© 2022 - 2024 — McMap. All rights reserved.