Intro
Keystore is literally the storage for the keys. The keys are to sign the app either for debug or for production release. See also the official docs from Android here.
Keys for Android app could be generated internally via Android Studio (which is more convenient) or externally via the Oracle keytool program.
There are three different keys: debug key, upload key and app signing key
Yep, there is such a mess with all those keys. Let's go through them.
Debug key
As per the official Android docs,
When running or debugging your project from the IDE, Android Studio automatically signs your app with a debug certificate generated by the Android SDK tools. The first time you run or debug your project in Android Studio, the IDE automatically creates the debug keystore and certificate in $HOME/.android/debug.keystore, and sets the keystore and key passwords.
When the app is built for the first time, Android Studio generates the key. Thus, if we build the app from another machine, new different key will be generated. This could become a problem because the new key should be synced with Firebase and Google Cloud.
Also, docs provide:
Because the debug certificate is created by the build tools and is insecure by design, most app stores (including the Google Play Store) do not accept apps signed with a debug certificate for publishing.
That means we can't use the debug key as an upload key or app signing key for publishing the new release of the app.
How to see the current debug key
From the Android Studio
In Android Studio, open Gradle window: View -> Tool Windows -> Gradle. Or in the main menu choose Help -> Find Action -> type "Gradle".
In the Gradle window, in the top left corner press the button "Execute Gradle Task", this button looks like an elephant. Type there:
gradle signingreport
and press Enter.
Go to the Run window: View -> Tool Windows -> Run, or press Alt+4.
We should see something like
> Task :app:signingReport
Variant: debug
Config: debug
Store: /home/liker777/.android/debug.keystore
Alias: AndroidDebugKey
MD5: [censored]
SHA1: [censored]
SHA-256: [censored]
Valid until: Wednesday, June 23, 2049
----------
Variant: release
Config: none
----------
Variant: debugAndroidTest
Config: debug
Store: /home/liker777/.android/debug.keystore
Alias: AndroidDebugKey
MD5: [censored]
SHA1: [censored]
SHA-256: [censored]
Valid until: Wednesday, June 23, 2049
----------
From the terminal
In the terminal, run
./gradlew signingreport
from the project's folder. It will show keys, their aliases and storage path e. g. /home/oleg/.android/debug.keystore.
How to recreate the debug key
No comments:
Post a Comment