Recreate a valid Keystore from an existing "Importation Key Certificate" for my MAUI Android Project
I'm working on an android app which was release on Google Play Console in 2024 January. I used the Windows keystore "mafirstkeystoreformyapp.keystore".
Because I wanted to upgrade my laptop, I bought a new one, get back my project from my GitHub repository, do my test : everything was ok.
So I formated my first laptop.
But I realised, when I wanted to create a new version for Google Play Console that my app signature/footprint is not recognized :
Your android App Bundle was signed with the bad key. be sure your app bundle is signed with the good key and retry. The imported app bundle should be signed with the certificate associated to the "footprint" SHA1: XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:B2 , but the certificate used is associated to the footprint SHA1: XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:A5
So I contacted the Google Play Console support that made me :
create a JKS file from my MAUI project :
keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
Export the certificate for that key to PEM format
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
Update the certificate from my account (2 days needed)
But this .jks file has no meaning for me : windows keystore are recognized as .keystore file, so it is useless
Is there a way to transform this .jks to .keystore ? Or to easily recreate a valid Keystore from an existing "Importation Key Certificate" ?
There is many stackoverflow about the second question (which is linked to the first one) but, even if the response seems to be no, it look like the current situation evolved. Android: I lost my android key store, what should I do? I lost my .keystore file? Recreate keystore file from private key and certificate
What I already tried
I found this : Android Package Signing for .NET MAUI app It's pretty close but the user issue is linked to his "App Signing key", whereas I must to use the "App Importation Key" (so his resolving steps cannot be done)
I tried to :
create a new .keystore from Visual Studio, get the .der key from Play Console to add it : KO (the certificate is added but not used during Distribution)
create a new key store, delete the default key, import the .der key from Play Console to add it : KO (the keystore seems to be "corrupted" and so Visual Studio doesn't allow me to Distribute the app)
import the .der key from Play Console and create keystore from it : KO (the keystore seems to be "corrupted" and so Visual Studio doesn't allow me to Distribute the app)
(do 3 before that) import the new keystore from the dedicated windows dialog : KO (a java error appears)
à System.Runtime.InteropServices.Marshal.SecureStringToGlobalAllocUnicode(SecureString s) à Xamarin.VisualStudio.SecureStringExtensions.ToUnsecureString(SecureString input) dans D:\a\_work\1\s\src\Core\VisualStudio\Extensions\SecureStringExtensions.cs:ligne 16 à Xamarin.VisualStudio.Publishing.Presentation.ViewModels.AndroidImportKeyViewModel.<ImportAsync>d__49.MoveNext() dans D:\a\_work\1\s\src\Core\VisualStudio.Publishing\Presentation\ViewModels\AndroidImportKeyViewModel.cs:ligne 138
I used Keytool to update/create keystore :
keytool -import -alias vilolaboratory -file upload_cert.der -keystore vilolboratory.keystore
Okay, after many tries and research, the help of this How to convert .JKS to "keystore" format? helped me to publish a new version : I was able to recover usable .keystore file for my current app.
So here it is a summary of the main steps :
1st step : Generate .JKS et new .PEM certificate
You will need to use Keytool, a command line tool offered by JDK (this stackoverflow can help if you are experiencing issue : ERROR:'keytool' is not recognized as an internal or external command, operable program or batch file). More infos about keytool usecases : https://support.smartbear.com/collaborator/faq/how-to-update-an-expired-certificate-in-the-existi/
Start by creating the new Keystore :
keytool -genkeypair -alias {alias-name} -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
Then ask for the Key Importation Certificate reinitialization
It will ask you to create a new certificate through Keytools. Normally, it will be something like this (but follow the link upon it's better) :
keytool -export -rfc -keystore keystore.jks -alias {alias-name} -file upload_certificate.pem
It will allow you to have
- the .jks file (java keystore)
- the .pem certificate file (to upload to the Google Play Console)
Upload the .pem certificate file to Google Play Console and wait for two days.
2nd step : Convert the .jks to .keystore
You will need to use keytool again to convert the JKS file. Thanks to @Geo367 :
keytool -importkeystore -srckeystore {generatedfile}.jks -srcstoretype JKS -destkeystore {TemporaryName}.p12 -deststoretype PKCS12
keytool -importkeystore -srckeystore {TemporaryName}.p12 -srcstoretype PKCS12 -destkeystore {DefinitiveName}.keystore -deststoretype JKS
But the file generated will not be correctly identified by Visual studio there. So continue with :
keytool -importkeystore -srckeystore {DefinitiveName}.keystore -destkeystore {DefinitiveName} -deststoretype pkcs12
It will apply the last keystore format (cannot be more specific about it : I don't masterize this subject at all)
3rd step : Prepare Visual studio
Move the Keystore file in C:\Users{USER}\AppData\Local\Xamarin\Mono for Android\Keystore
Then, in visual studio, go in "Show/Displays archives" and push "Distribute..."
Normally, an "{alias-name}" keystore will appears : that's your hero.
/!\ in my case I needed to delete the last archive created and republish in order to correctly refresh the datas and be able to watch the last keystore.
Once everything is done, you will be able to publish an app correctly signed with the last certificate through the adequate keystore.
- EventBus - Subscriber class and its super classes have no public methods with the @subscribe annotation
- Check for navigation bar
- How to manually set the FirebaseAuth User emailVerified status to true
- You can't submit updates as some information about your app is incomplete (Google Play)
- Android Ethernet and Wi-Fi at the same time
- How to create a Custom BottomNavigationAppBar in jetpack compose?
- How to capture app traffic on Android
- How to unzip, edit and zip an android apk
- Change password with Firebase for Android
- How to avoid reverse engineering of an APK file
- HTTPResponse debugging with the android emulator
- Using cookies with Android volley library
- Kotlin - Most idiomatic way to convert a List to a MutableList
- Gif image is not working in android in react native
- Flutter: Execution failed for task ':app:compileDebugKotlin'
- How to implement Container Transform with Material Motion on Jetpack Compose
- How to use Google Cloud Translation API in Android Studio?
- Retrofit always calling onFailure even response is 200
- Add intent extras in compose UI test
- How to set Google Vision QR Scanner to detect only one value?
- SignalR Client implementation in unity works in editor but not in Android
- Jetpack Compose Material3 Pull to Refresh functionality
- How can I align vertical center contents in Android Compose VerticalPager
- How can I achieve before-after animation in Jetpack Compose?
- Setting requestedOrientation results in crash
- Android Studio 3.1.3 - Unresolved reference: R - Kotlin
- Android Wrap Shell Script Doesn't Work as Expected
- I can't backup my realm database in External Directory because of mkdirs()
- At what point can I get the width of a view in a RecyclerView?
- Android-studio ERROR: Cannot add task 'copyDebugIconFonts' as a task with that name already exists