Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Convert .keystore to .jks to sign apk

I have an android app that I am trying to protect using quixxi.com however it requires me to sign the app again. But to do this it has to use .jks files but my keystore is .keystore

I am using Xamarin.Android in C# with Visual Studio 2017

Is there any way around this?

like image 950
Ciaran Avatar asked Apr 19 '18 15:04

Ciaran


People also ask

How do I sign an unsigned APK?

Sign an APK You can include this information in two ways: Specify a KeyStore file using the --ks option. Specify the private key file and certificate file separately using the --key and --cert options, respectively. The private key file must use the PKCS #8 format, and the certificate file must use the X.

How do I manually sign an APK?

Generate an upload key and keystoreIn the Generate Signed Bundle or APK dialog, select Android App Bundle or APK and click Next. Below the field for Key store path, click Create new. On the New Key Store window, provide the following information for your keystore and key, as shown in figure 2.


1 Answers

If you are using a Java keystone to sign your Android apps (Xamarin-based or not) then the odds are 99.999% that the XXX.keystore that you are using to sign your Xamarin.Android apps is already in JKS format and not PKCS12 format.

A quick way of checking is to dump your keystone in RFC format and review the Keystore type: field.

Example:

/usr/bin/keytool -list -rfc -keystore debug.keystore |grep "Keystore type"

Output:

Enter keystore password:

*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in your keystore  *
* has NOT been verified!  In order to verify its integrity, *
* you must provide your keystore password.                  *
*****************  WARNING WARNING WARNING  *****************

Keystore type: JKS

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore debug.keystore -destkeystore debug.keystore -deststoretype pkcs12".

Example (non-filtered):

/usr/bin/keytool -list -rfc -keystore sushi.keystore 

Output:

Enter keystore password:

*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in your keystore  *
* has NOT been verified!  In order to verify its integrity, *
* you must provide your keystore password.                  *
*****************  WARNING WARNING WARNING  *****************

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: androiddebugkey
Creation date: Aug 20, 2017
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
-----BEGIN CERTIFICATE-----
MIIDDTCCAfWgAwIBAgIEeCTY/jANBgkqhkiG9w0BAQsFADA3MQswCQYDVQQGEwJV
~~~~
KvHIbSHVBsryiyCwPJkXP6A=
-----END CERTIFICATE-----


*******************************************
*******************************************

If you actually need to convert a PKCS12 type store to new JKS keystore type file:

keytool -importkeystore -srckeystore somekeystore.pkcs12 -destkeystore somenewkeystore.jks -deststoretype jks
like image 56
SushiHangover Avatar answered Sep 30 '22 11:09

SushiHangover