When signing an apk after a long break from Android development I was surprised that I'm no longer able to enter an empty keystore password to unlock it. Is it just me or has this been possible before? If so, when did that change and how can I manage to unlock the keystore anyway?
Some background: maybe I'm just crazy and didn't use an empty password for the keystore before, but the one and only possible password that I could have been using instead doesn't work either (I swear, there's no chance I'd have used another password!).
Resolution. The only way to recover is then to create a duplicate keystore with a new store password. All of the certs from the original trustore can be copied as-is into the new keystore. We will use /opt/CA/jre/lib/security/cacerts as the example but this will work with any Java Keystore (jks).
The keystore password is sensitive information, and keeping it secure is critical to the security of your realm server.
You cannot create a keystore with a blank password with keytool since a while, but you can still do it programmatically.
The keystore can be manipulated using the keytool
in the Java sdk.
Try executing the keytool on your keystore, and extract the certificates with the empty password. After that, import it into a new keystore. This time, use a real password.
The switch -exportcert
will help you accomplish that.
It could be that you updated your java sdk and therefor you cannot enter empty password (due to some security upgrade of the tool). In that case, you can try to install an older sdk and do the above.
Good luck!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With