I'm trying to EXPORT AND ENCRYPT PRIVATE KEY to enroll into Google Play App Signing
I followed the template:
$ java -jar pepk.jar --keystore=foo.keystore --alias=foo --output=encrypted_private_key_path --encryptionkey=eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a
and it worked for 2 other apps without any issues, but there is another application called mods that keeps throwing the following error even though I'm able to generate APKs with this jks file just fine:
java -jar pepk.jar --keystore=mods.jks --alias=my_alias_here --output=encrypted_private_key --encryptionkey=eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a
**Error: Unable to export or encrypt the private key
java.io.IOException: Keystore was tampered with, or password was incorrect**
at java.base/sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:813)
at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:226)
at java.base/java.security.KeyStore.load(KeyStore.java:1503)
at com.google.wireless.android.vending.developer.signing.tools.extern.export.KeystoreHelper.loadKeystore(KeystoreHelper.java:53)
at com.google.wireless.android.vending.developer.signing.tools.extern.export.KeystoreHelper.getKeystore(KeystoreHelper.java:39)
at com.google.wireless.android.vending.developer.signing.tools.extern.export.ExportEncryptedPrivateKeyTool.run(ExportEncryptedPrivateKeyTool.java:207)
at com.google.wireless.android.vending.developer.signing.tools.extern.export.ExportEncryptedPrivateKeyTool.main(ExportEncryptedPrivateKeyTool.java:165)
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at java.base/sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:811)
... 6 more
I tried
Keytool -list -keystore mods.jks
and realized that the password for the keystore is nothing, i pressed enter and I got to see SHA key
These are the steps I am taking, in the order presented, to update a published app after fixing a bug, through Android studio:
Fix the bug.
Changed to versionCode 2 and versionName "1.1" on build.gradle (Module)
Generate Signed Bundle
Key-store path is C:\Folder\Folder\Android\MyApp.jks
Both passwords are correct
Key alias: key0 (default as on first time)
But then this error is raised:
Cause: jarsigner.exefailed with exit code 1 :
jarsigner: key associated with key0 not a private key
What could be causing this?
"Build" -> "Clean project", then "Generate signed ..." again - worked fine for me
it's simply means that you enter wrong key let me explain
your password for keystore correct
you password for The key is't correct
I had the same issue, I have tried Clean Build and Invalidate Caches/Restart but didn't work. Finally I entered a Wrong KeyStore password then it has shown some error like jarsigner error: java.lang.RuntimeException: keystore load: Keystore was tampered with, or password was incorrect. Then I tried with the Original one and it worked.
For those coming to this question to build a release candidate of a React Native app for the Play Store, or if building without Android Studio.
a) Cleaning the project is particularly useful if you've had previous errors in your release packaging:
cd android
./gradlew clean
b) Check to see if your keystore was created correctly, with a valid, exportable certificate embedded inside:
keytool -export -alias your-keystore-alias -file mycertificate.crt -keystore /path/to/keystore
You will be prompted for the keystore password you used when generating the keystore. If you get a mycertificate.crt file created successfully, there isn't anything wrong with your keystore. It's valid.
c) The not a private key error can also come up if you've not explicitly supplied a key password, and just a store password (as shown below), in your gradle release build properties:
MYAPP_UPLOAD_STORE_FILE=my-app.keystore
MYAPP_UPLOAD_KEY_ALIAS=my-app
MYAPP_UPLOAD_STORE_PASSWORD=keystorePassword
MYAPP_UPLOAD_KEY_PASSWORD=
When generating a signing certificate with keytool, there is an optional argument to generate a separate certificate password, apart from the keystore password. However, if no certificate/key password is supplied, it inherits the keystore password. So in this case, a working set of properties would be:
MYAPP_UPLOAD_STORE_FILE=my-app.keystore
MYAPP_UPLOAD_KEY_ALIAS=my-app
MYAPP_UPLOAD_STORE_PASSWORD=keystorePassword
MYAPP_UPLOAD_KEY_PASSWORD=keystorePassword
Well i also faced this problem after upgrading to android studio 3.3 and i resolved in 3 steps. But firstly make sure you backup your whole project.
In Android Studio goto File > Project Structure and untick from "use embedded JDK" then click OK
Goto Computer Settings (system settings) (win + pause key) then go to Advanced system settings>Environment variables. if JAVA_HOME not present then add it and set path to your installed JDK.
As i couldn't find a direct approach to modify jdk path in my project that is upgraded in some way to android studio 3.3 settings, i did following(for the last step) BUT MAKE SURE YOU MAKE BACKUP BEFORE THIS.
To make sure where i am guiding come to project view, I deleted ".grade", ".idea", "capture", "gradle" folders from the root and "build", "release", "lib" folder from "app" leaving "src" as it is. Deleted root.iml and did not delete app.iml file Then rebuild the project and then created the Signed package.
It went successful after 2 try. To be very honest i did the last step twice by restoring files from backup. As deleting these folders i messed up 1 time.
It seems that you are entering wrong password if
"Build" > "Clean project"
doesn't solved your problem.
Try the reference link providing :
Click here
For those who had no luck with "Clean Project", try changing the key password with the following command in the Android Studio Terminal
keytool -keypasswd -alias yourAliasName -keystore pathToYourKeystoreFile
afterwards you're prompted for your keystore password and if correct can then change the key password.
I had the same issue, I have both passwords written on a piece of paper and all of a sudden (Android Studio update?) the key password didn't work anymore. Keystore worked, could select the alias, but when generating the signed app, same error as you got.
After trying all the solutions here, it either did not work or was too complicated to even make it work.
In the end simply restarting my PC is what helped.
Special characters in your password? Read on
(Not 100% sure but) I had special characters in my key password and I decided to remove all double quotes (") only because it might have been the culprit and it worked.
Take care of the numbers of caracters of your password :
6 min
I have try more than 20 => this is ko
12 is ok
Don't use special car, caps, nums, are enought
I imported an android studio project from another developer to my system while generating Signed APK I am getting this error.
Error:Execution failed for task ':app:packageRelease'.
com.android.ide.common.signing.KeytoolException: Failed to read key mobile_visit_confirmation from store "C:\Users\ABC\AndroidStudioProjects\myapp\myapp_Key_Store.jks":
Keystore was tampered with, or password was incorrect
The project was done by someone now I am working on that he is not providing password, alias and certificate information and I want to upload update APK to play store.
I am trying to generate a signed APK by using the built-in widget in Android Studio v1.4.
However, I got this annoying error
Error:Execution failed for task ':app:packageRelease'.
Failed to read key cckey from store "C:\Users\Lancelot\Desktop\release.jks": Keystore was tampered with, or password was incorrect
I was able to retrieve my key alias like the below screenshot
(In order to get to here, the key store password must be correct; otherwise it'll show error)
Then I typed in my key password but no luck on signing the APK...
I even tried changing the key password using the command line keytool -keypasswd -alias cckey -keystore C:\Users\Lancelot\Desktop\release.jks. By running this I need to enter old password correctly before entering new password, which all went through; this proves that key password wasn't wrong at the first place.
So question is, if my key store password, key alias, and key password are all correct, what's wrong with it then??
I had a similar problem while updating my app. The keytool was not reading the correct keystore file and instead pointing to an older keystore file that I created months ago and not used. Searched for some solutions online but didn't find one. Almost gave up but I thought about cleaning the project by clicking Build then Clean Project. This last resort worked for me.
Apparently I just found another post posted few months ago that solved my issues I struggled for days...
Simply need to change the keystore and key alias password to be the same for it to work. Though I still don't know why the same keystore worked before when I was publishing updates; then not working anymore until I changed the passwords.
If anyone has answer for that, please let everyone know!
Apparently Google decided to set the default keystore password to be android.
The keytool utility prompts you to enter a password for the keystore. The default password for the debug keystore is android. The keytool then prints the fingerprint to the terminal.
See https://developers.google.com/android/guides/client-auth
I've just had the same problem, and I am 100% sure of my password. I found the solution directly by adding -storepass in the command line. Using this command did the trick:
keytool -list -v -keystore C:\....\keystore.jks -storepass HereMyPassword -alias HereMyAlias
In my case, I was copying and pasting the keystore and key passwords from Evernote and Android Studio wasn't handling it correctly. After typing the passwords manually, I was able to generate the APK.
How I solved the same problem with Android Studio 2.2.3
Android studio >> file > project structure
find your project under the modules on left side and select it and click the signing tab. then you can create a new config by clicking green plus icon and fill all the credentials on the signing with existing keystore key.
(make sure that your "key elias" "key password" and "Store password" should same previously used with the same key store now using)
then go to the flavors tab and select created config file as Signing config.
again go to the build types tab in and select created config file as Signing config.
and ok to finish the task
Make sure there are no blank spaces after your constants definitions:
MYAPP_RELEASE_STORE_FILE=mykeystore.keystore
MYAPP_RELEASE_KEY_ALIAS=keyalias
MYAPP_RELEASE_STORE_PASSWORD=pass
MYAPP_RELEASE_KEY_PASSWORD=pass
There appears to be a bug in Android Studio 4.2. The IDE now appears to permanently cache the WRONG password to either the keystore or key.
Even after TWICE re-entering the correct credentials, the IDE is caching the wrong value for one of the entries. As of this post, I'm forced to manually re-enter both passwords on every build.
Update: Uncheck remember passwords the next time you generate an APK. Then, the next time after that, you can re-check remember passwords and Android Studio will re-cache and remember the correct passwords.
Update 2: Incredibly, after performing the steps above, the bug subsequently re-emerges. Android Studio AGAIN overwrites one of the passwords with the wrong password, so it looks like we're back to square one until this bug is resolved: clear the save passwords checkbox forever and manually enter passwords per build. :-(
My problem was I set the store password in the keyPassword and the key password in the storePassword and changing the passwords one by another the problem was solved.
I had same message when building signed apk. I thought my password was correct and there is problem with the .jks file. But
I was entering wrong password
Then I tried another possible password it simply worked.
Note: Android studio doesn't block you when you enter wrong password multiple times. so try another possible password.
Or if you forgot the password try searching for password in log files
Go to => Help => Show Log in Explorer [If you haven't updated your android studio in between]
Or Go to => .gradle => 5.4.1(may differ) => executionHistory => executionHistory.bin
and search for storePassword
Same problem here. The closest I have been of solving it has been following the advise from #Makarand https://stackoverflow.com/a/59386198/3187095
In my case, I doubt the problem to be the pasword, as I have it remembered by Android Studio itself. Still, it doesn't work. I can't generate de APK or bundle in release mode. And get the same message as mentioned above. Some other reason has to be the one in this case.
I have found my password in the executionHistory.bin file. They are the expected ones, and both are the same.
My only doubt is about a symbol that have right before them, between storePassword and the password itself:
Ž
So, it could happen that you enter the correct passwords and still you get the same message. Don't know the reason though.
I am facing the same issue and tried the below-metioned steps are fixed now.
Step 1: Make sure your keystore file name and key alias name.
Note: Keystore & alias password to be the same.
a) In android studio
Build >> generate signed bundled Apk/..
Choose APK >> Next
Make sure all the fields remembered that we are going to mention in build.gradle & Gradle.properties
b) Project source
android >> app >> Debug/Release keystore
Step 2: configure your kestore in Build.gradle
Open android >> app >> build.gradle
Under the android >> signinConfigs make sure all are right based on Debug or Release key
Step 3: Configure Keystore in gradle.propertie
Open android >> gradle.properties
Check Below mentioned If not You can Add it along with your kestore file.
I hope It will help some.
For my case (using Android Studio), I found the Keystore file can't be delete, and it seems locked by OpenJDK. I suspect there should be something wrong between OpenJDK and Windows10's firewall. I close firewall temporarily. And it works.
In my case I forgot to chanche build target from espresso test to app:
Recently while signing an external apk with keytool I accidentally tampered with debug.keystore in C:\Users\myuser\.android so what I did is just backup previous debug.keystore and debug.keystore.lock this two file and deleted it. Then rebuild the project and it generates a new debug.keystore and debug.keystore.lock file. That's how I fixed my one.
Summary
backup previous debug.keystore and debug.keystore.lock
Delete it from C:\Users\myuser\.android
Rebuild the project
I have been struggling also with the same problem.
I was sure of my password but the password was the problem.
As mentionned in an earlier post I when to
=> .gradle => 5.4.1(may differ) => executionHistory => executionHistory.bin and search for storePassword
And I saw that my password was missing a letter for encoding reasons:
In executionHistory.bin the password was : ...z§s.....
and in my keystore.properties the password was : ...z§.....
After correcting this It works fine.
I was getting this error because, although my key password was right, the keystore password was wrong.
It was the same as my key password.
We were having same issue, but then we emptied the folder where we want to save our key alias then tried again, and it worked.
My two cents:
After the password I accidentally added a space.
There should not be any space in key.properties as it will be used as part of the password.
Sometimes debug mode you don't need type the password, just press enter, when the prompt ask for password.
I am trying to sign the jar, but I am getting this exception-
[exec] jarsigner: Certificate chain
not found for:
pvktmp:e40b0b30-dcc9-4aef-8450-15c2437a4959.
pvktmp:e40b0b30-dcc9-4aef-8450-15c2437a4959
must reference a valid KeyStore key
entry containing a private key and
corresponding public key certificate
chain.
Thanks in advance!
Use correct certificate file to sign the jar since the certificate you are trying to sign the jar may have been corrupted.