The certificates management is pretty annoying when you have a lot of Apps. I often face troubles due to bad password or wrong certificate to publish an App. To save time I used some commands, explained below, to check certificates and password before using them.
check your iOS signature
run the openssl command
$ openssl pkcs12 -info -nodes -in <YOUR FILE>.p12, there should be a big section that looks like:
-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY-----
check your Android signature
Understanding keystore, certificates and alias
The keystore file generated by Keytool stores pairs of private and public keys. Each pair or entry stored in the keystore is refered by a unique alias. In brief:
Keystore entry = private + public key pair = identified by an alias
The keystore protects each private key with its individual password, and also protects the integrity of the entire keystore with a (possibly different) password. After providing the passwords for both the keystore and the chosen alias, the app is signed and the public key (the certificate) for that alias is embedded into the APK.
You can only release an update to an application that was signed with the alias ‘foo’ by signing the update again with the same alias. Losing the keystore where your alias is stored would prevent you from releasing an updated version of your app.
Looking for alias and/or check password
$ keytool -v -list -keystore <YOUR FILE>.keystore Enter keystore password: Keystore type: JKS Keystore provider: SUN Your keystore contains 1 entry Alias name: <YOUR ALIAS> Creation date: Apr 14, 2011 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate: Owner: CN=Spring Wireless, OU=Spring Wireless, O=Spring Wireless, L=Sao Paulo, ST=SP, C=BR Issuer: CN=Spring Wireless, OU=Spring Wireless, O=Spring Wireless, L=Sao Paulo, ST=SP, C=BR Serial number: 4da7639c Valid from: Thu Apr 14 18:14:04 BRT 2011 until: Mon Aug 30 18:14:04 BRT 2038 Certificate fingerprints: MD5: 9E:10:74:D1:98:2B:1A:3A:BF:43:77:A9:5E:64:B4:49 SHA1: A5:0B:54:5B:00:BC:ED:5B:FE:FF:E2:C9:74:F3:65:F0:47:58:DB:29 SHA256: 7D:F7:C8:36:6F:BE:C7:7F:31:F2:B8:95:D3:94:B5:1C:3F:ED:8B:1A:40:A0:AD:18:E4:F9:10:E4:1B:8C:1E:0F Signature algorithm name: SHA1withDSA Version: 3 $
If you are looking for a specific alias, you can also specify it in the command:
keytool -list -keystore .keystore -alias foo
If the alias is not found, it will display an exception:
keytool error: java.lang.Exception: Alias does not exist