gradle assembleRelease uses wrong key/certificate

I have a Gradle-based Android project and am trying to generate a release APK. However, it seems that somehow Gradle is picking up the wrong key/cert.

This is what I have in build.gradle:

signingConfigs {
    release {
        storeFile file("mykey.jks")
        storePassword "mypass"
        keyAlias "mykey.key"
        keyPassword "mypass"
    }
}

buildTypes {
    release {
        debuggable false
        jniDebugBuild false
        runProguard true
        proguardFile getDefaultProguardFile('proguard-android.txt')
        signingConfig signingConfigs.release
    }
}

And after running

gradlew assembleRelease

and taking out META-INF/CERT.RSA from inside the .apk I run the following:

keytool -list -keystore mykey.jks

and

keytool -printcert -v -file CERT.RSA

but they produce output with different certificate fingerprints. Trying with a certificate from another apk signed with the same key (but not with gradle) yields the correct certificate fingerprint.

Gradle seems to be picking up the keystore fine (changing the password or location or alias makes it stop working).

I'm puzzled since I don't want to release something to the store signed with an unknown key and then not be able to update it. I don't have a debug key explicitly defined in gradle.

UPDATE: This has something to do with the keystore. Trying the same Gradle code with a fresh keystore and key works fine. This problematic keystore was imported from PKCS#12 format (a .p12 file). Using IntelliJ or jarsigner works fine with this keystore, though; it's just the Gradle code that has a different output, and it seems only the certificate generated from the key is different.

radu asked Oct 02 '22 17:10


1 Answer

In my case, I was not aware that I was using the debug keystore file for release. In project/android/app/build.gradle:

buildTypes {
    debug {
        signingConfig signingConfigs.debug
    }
    release {
        // Caution! In production, you need to generate your own keystore file.
        // see https://facebook.github.io/react-native/docs/signed-apk-android.
        signingConfig signingConfigs.debug // <-- need to be changed with
        //the line below
        //signingConfig signingConfigs.release
        minifyEnabled enableProguardInReleaseBuilds
        proguardFiles getDefaultProguardFile("proguard-android.txt"), "proguard-rules.pro"
    }
}
Engin Yilmaz answered Oct 05 '22 11:10
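
A pre-release check that automates the fingerprint comparison from the question and also catches the debug-signed release described in the answer. This is an added example, not code from either poster. It assumes `keytool` is on PATH and that the APK carries a v1 (JAR) signature, as the question's does; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (function names are hypothetical). Assumes keytool is on PATH.

# Read keytool output on stdin; print each SHA-256 fingerprint as upper-case
# hex without colons. Handles the verbose form ("SHA256: AA:BB") and the
# short -list form ("Certificate fingerprint (SHA-256): AA:BB").
sha256_fingerprints() {
    sed -n 's/.*SHA-\{0,1\}256)\{0,1\}: *\([0-9A-Fa-f:]\{2,\}\).*/\1/p' |
        tr -d ':' | tr 'a-f' 'A-F'
}

# Succeed if keytool output on stdin names the Android debug certificate,
# whose subject contains CN=Android Debug.
is_debug_cert() {
    grep -q 'Owner: .*CN=Android Debug'
}

# compare_signers <keytool output for APK> <keytool output for keystore>
# Returns 0 = same key, 1 = different key, 2 = debug-signed, 3 = no fingerprint.
compare_signers() {
    if printf '%s\n' "$1" | is_debug_cert; then
        echo "APK is signed with the Android debug certificate" >&2
        return 2
    fi
    apk_fp=$(printf '%s\n' "$1" | sha256_fingerprints | head -n 1)
    key_fp=$(printf '%s\n' "$2" | sha256_fingerprints | head -n 1)
    if [ -z "$apk_fp" ] || [ -z "$key_fp" ]; then
        echo "no SHA-256 fingerprint found in keytool output" >&2
        return 3
    fi
    if [ "$apk_fp" != "$key_fp" ]; then
        echo "signer mismatch: apk=$apk_fp keystore=$key_fp" >&2
        return 1
    fi
    return 0
}

# check_apk <apk> <keystore> <alias>; keytool prompts for the store password.
check_apk() {
    apk_out=$(keytool -printcert -jarfile "$1") || return 3
    key_out=$(keytool -list -v -keystore "$2" -alias "$3") || return 3
    compare_signers "$apk_out" "$key_out"
}

# Example: sh check_signer.sh app-release.apk mykey.jks mykey.key
if [ "$#" -eq 3 ]; then check_apk "$@"; fi
```

Running it as a step after `assembleRelease` and failing the build on a non-zero exit status stops a mis-signed APK before it reaches the store.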