Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Using an empty keystore password used to be possible?

Tags:

When signing an apk after a long break from Android development I was surprised that I'm no longer able to enter an empty keystore password to unlock it. Is it just me or has this been possible before? If so, when did that change and how can I manage to unlock the keystore anyway?

Some background: maybe I'm just crazy and didn't use an empty password for the keystore before, but the one and only possible password that I could have been using instead doesn't work either (I swear, there's no chance I'd have used another password!).

like image 226
TomTasche Avatar asked Oct 12 '12 15:10

TomTasche


People also ask

How one can recover a Java Keystore if the keystore password is forgotten?

Resolution. The only way to recover is then to create a duplicate keystore with a new store password. All of the certs from the original trustore can be copied as-is into the new keystore. We will use /opt/CA/jre/lib/security/cacerts as the example but this will work with any Java Keystore (jks).

Is keystore password important?

The keystore password is sensitive information, and keeping it secure is critical to the security of your realm server.

Can I create a keystore without password?

You cannot create a keystore with a blank password with keytool since a while, but you can still do it programmatically.


1 Answers

The keystore can be manipulated using the keytool in the Java sdk.

Try executing the keytool on your keystore, and extract the certificates with the empty password. After that, import it into a new keystore. This time, use a real password.

The switch -exportcert will help you accomplish that.

It could be that you updated your java sdk and therefor you cannot enter empty password (due to some security upgrade of the tool). In that case, you can try to install an older sdk and do the above.

Good luck!

like image 133
Udinic Avatar answered Nov 10 '22 01:11

Udinic