If you are using a Java keystone to sign your Android apps (Xamarin-based or not) then the odds are 99.999% that the XXX.keystore
that you are using to sign your Xamarin.Android
apps is
already in JKS format and not PKCS12 format.
A quick way of checking is to dump your keystone in RFC format and review the Keystore type:
field.
Example:
/usr/bin/keytool -list -rfc -keystore debug.keystore |grep "Keystore type"
Output:
Enter keystore password:
***************** WARNING WARNING WARNING *****************
* The integrity of the information stored in your keystore *
* has NOT been verified! In order to verify its integrity, *
* you must provide your keystore password. *
***************** WARNING WARNING WARNING *****************
Keystore type: JKS
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore debug.keystore -destkeystore debug.keystore -deststoretype pkcs12".
Example (non-filtered):
/usr/bin/keytool -list -rfc -keystore sushi.keystore
Output:
Enter keystore password:
***************** WARNING WARNING WARNING *****************
* The integrity of the information stored in your keystore *
* has NOT been verified! In order to verify its integrity, *
* you must provide your keystore password. *
***************** WARNING WARNING WARNING *****************
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: androiddebugkey
Creation date: Aug 20, 2017
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
-----BEGIN CERTIFICATE-----
MIIDDTCCAfWgAwIBAgIEeCTY/jANBgkqhkiG9w0BAQsFADA3MQswCQYDVQQGEwJV
~~~~
KvHIbSHVBsryiyCwPJkXP6A=
-----END CERTIFICATE-----
*******************************************
*******************************************
If you actually need to convert a PKCS12 type store to new JKS keystore type file:
keytool -importkeystore -srckeystore somekeystore.pkcs12 -destkeystore somenewkeystore.jks -deststoretype jks