Related pages:
keytool -genkeypair -v -keystore hemmerling.keystore -alias androidkey -keyalg RSA -keysize 2048 -validity 10000 -dname "CN=hemmerling@gmx.net, O=AppInventor for Android, C=US" -storepass android -keypass android
Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 1 entry Alias name: androidkey Creation date: 27.04.2025 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=hemmerling@gmx.net, O=AppInventor for Android, C=US Issuer: CN=hemmerling@gmx.net, O=AppInventor for Android, C=US Serial number: 33680388 Valid from: Sun Apr 27 07:12:57 CEST 2025 until: Thu Sep 12 07:12:57 CEST 2052 Certificate fingerprints: SHA1: SHA256: Signature algorithm name: SHA256withRSA Subject Public Key Algorithm: 2048-bit RSA key Version: 3 Extensions: #1: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 0010: ] ] ******************************************* *******************************************
keytool -genkeypair -v -keystore hemmerling.keystore -alias androidkey -keyalg RSA -keysize 2048 -validity 9125 -dname "CN=Rolf Hemmerling, OU=http://hemmerling.com O=Dipl.-Ing.(FH) Hemmerling, C=DE" -storepass android -keypass android
Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 1 entry Alias name: androidkey Creation date: 27.04.2025 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: C=DE, ST=NRW, L=Bielefeld, O=Dipl.-Ing.(FH) Hemmerling, OU=http://hemmerling.com, CN=Rolf Hemmerling Issuer: C=DE, ST=NRW, L=Bielefeld, O=Dipl.-Ing.(FH) Hemmerling, OU=http://hemmerling.com, CN=Rolf Hemmerling Serial number: 1 Valid from: Sun Apr 27 08:23:52 CEST 2025 until: Thu Apr 21 08:23:52 CEST 2050 Certificate fingerprints: SHA1: SHA256: Signature algorithm name: SHA256withRSA Subject Public Key Algorithm: 2048-bit RSA key Version: 1 ******************************************* *******************************************
keytool -genkeypair -v -keystore hemmerling.keystore -alias androidkey -keyalg RSA -keysize 2048 -validity 9125 -dname "CN=Rolf Hemmerling, OU=http://hemmerling.com O=Dipl.-Ing.(FH) Hemmerling, C=DE" -storepass android -keypass android
Keystore type: PKCS12 Keystore provider: SUN Your keystore contains 1 entry Alias name: androidkey Creation date: 27.04.2025 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=Rolf Hemmerling, OU="http://hemmerling.com O=Dipl.-Ing.(FH) Hemmerling", C=DE Issuer: CN=Rolf Hemmerling, OU="http://hemmerling.com O=Dipl.-Ing.(FH) Hemmerling", C=DE Serial number: c2769f2c8c526070 Valid from: Sun Apr 27 09:34:51 CEST 2025 until: Thu Apr 21 09:34:51 CEST 2050 Certificate fingerprints: SHA1: C9:4D:E5:10:59:E4:9E:90:18:C7:CA:54:55:E4:50:A5:12:42:B4:1E SHA256: 19:1E:CE:75:F4:8D:41:B9:93:69:CA:28:41:B6:7D:3F:62:48:1B:C2:67:FD:FB:80:53:7A:8F:D5:11:57:A3:26 Signature algorithm name: SHA384withRSA Subject Public Key Algorithm: 2048-bit RSA key Version: 3 Extensions: #1: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 0010: ] ] ******************************************* *******************************************
@del hemmerling.keystore keytool -genkeypair -v -keystore hemmerling.keystore -alias androidkey -keyalg RSA -keysize 2048 -validity 9125 -dname "CN=Rolf Hemmerling, OU=http://hemmerling.com O=Dipl.-Ing.(FH) Hemmerling, C=DE" -storepass android -keypass android keytool -list -v -keystore hemmerling.keystore -storepass android pause keytool -storepasswd -keystore hemmerling.keystore -storepass android -new android2 pause keytool -storepasswd -keystore hemmerling.keystore -storepass android2 -new android @echo ********* @echo Attention: -keypasswd commands not supported if -storetype is PKCS12 @echo ********* pause keytool -keypasswd -keystore hemmerling.keystore -storepass android -alias android -keypass android -new android2
java -jar pepk.jar --keystore=hemmerling_as.keystore --alias=androidkey --keystore-pass android --key-pass android --output=hemmerling_as.zip --rsa-aes-encryption --encryption-key-path=encryption_public_key.pem
java -jar pepk.jar --keystore=hemmerling_as.keystore --alias=androidkey --keystore-pass android --key-pass android --output=hemmerling_as.zip --rsa-aes-encryption --encryption-key-path=encryption_public_key.pem
Error message “The encryption key used has expired. Use a newly generated encryption key”
Commands: -certreq Generates a certificate request -changealias Changes an entry's alias -delete Deletes an entry -exportcert Exports certificate -genkeypair Generates a key pair -genseckey Generates a secret key -gencert Generates certificate from a certificate request -importcert Imports a certificate or a certificate chain -importpass Imports a password -importkeystore Imports one or all entries from another keystore -keypasswd Changes the key password of an entry -list Lists entries in a keystore -printcert Prints the content of a certificate -printcertreq Prints the content of a certificate request -printcrl Prints the content of a CRL file -storepasswd Changes the store password of a keystore -showinfo Displays security-related information -version Prints the program version Use "keytool -?, -h, or --help" for this help message Use "keytool -command_name --help" for usage of command_name. Use the -conf <url> option to specify a pre-configured options file.
keytool -genkeypair [OPTION]... Generates a key pair Options: -alias <alias> alias name of the entry to process -keyalg <alg> key algorithm name -keysize <size> key bit size -groupname <name> Group name. For example, an Elliptic Curve name. -sigalg <alg> signature algorithm name -dname <name> distinguished name -startdate <date> certificate validity start date/time -ext <value> X.509 extension -validity <days> validity number of days -keypass <arg> key password -keystore <keystore> keystore name -signer <alias> signer alias -signerkeypass <arg> signer key password -storepass <arg> keystore password -storetype <type> keystore type -providername <name> provider name -addprovider <name> add security provider by name (e.g. SunPKCS11) [-providerarg <arg>] configure argument for -addprovider -providerclass <class> add security provider by fully-qualified class name [-providerarg <arg>] configure argument for -providerclass -providerpath <list> provider classpath -v verbose output -protected password through protected mechanism
keytool -keypasswd -keystore pathToKeystoreFile -alias yourAlias -keypass oldAliasPassword -storepass oldStorePassword -new newAliasPassword
keytool -storepasswd -keystore pathToKeystoreFile -storepass oldStorePassword -new newStorePassword
# Change the key password keytool -keypasswd -alias "your_key_alias" -keystore "key_filename.key" # Change the keystore password keytool -storepasswd -keystore "key_filename.key"
USAGE: java -jar pepk.jar --keystore <release_keystore> --alias <key_alias> --output=<output_file> (--rsa-aes-encryption --encryption-key-path=</path/to/encryption_public_key.pem> | --encryptionkey=<encryption_key_hex>) [--signing-keystore <keystore> [--signing-key-alias=<alias>]] [--include-cert] pepk (Play Encrypt Private Key) is a tool for exporting private keys from a Java Keystore and encrypting them for transfer to Google Play as part of enrolling in App Signing by Google Play. REQUIRED FLAGS --keystore Path to the keystore containing the private key to export. --alias Alias of the private key in the keystore. --output File in which to output the encrypted private key. OPTIONAL FLAGS --keystore-pass Password for the keystore. If not set, will be prompted on the command line. --key-pass Password for the key inside the keystore. If not set, the same password as the keystore will be used, or if none was set, it will be prompted on the command line. --signing-keystore Path to the keystore containing the private key that will be used for signing the exported encrypted private key. --signing-key-alias Alias of the private key used for signing in the signing Keystore. Must be specified if --signing-keystore flag is set. --rsa-aes-encryption Use RSA AES Key Wrap encryption for encrypting the private key. --encryption-key-path Path to the PEM-encoded public key to be used for encrypting the private key. Must be specified if --rsa-aes-encryption is set. --encryptionkey Public key to encrypt the private key with. This will be the hex encoded bytes of the public key. The public key is a 4-byte identity followed by a 64-byte P256 point. Must be specified if --rsa-aes-encryption is not set. --include-cert Include the public certificate to be exported along with the encrypted private key. OTHER OPTIONS --help Show this usage page and exit. --license Show the license for the tool and exit.