4

I received a keystore file from a customer which I am supposed to use to sign an APK that is going to replace/update an existing APK on the play store.

Unfortunately I get the following error:

jarsigner: Certificate chain not found for: alias_name. alias_name must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

When I try to sign the same APK with a different, self-generated keystore, this works fine, so I figured there must be something missing in the keystore.

Keystore-Typ: JKS
Keystore-Provider: SUN

Keystore enthält 1 Eintrag

Aliasname: alias_name
Erstellungsdatum: 19.05.2015
Eintragstyp: PrivateKeyEntry
Zertifikatskettenlänge: 1
Zertifikat[1]:
Eigentümer: (redacted)
Aussteller: (redacted)
Seriennummer: 5152a7xx
Gültig von: Wed Mar 27 09:00:32 CET 2013 bis: Sun Aug 12 10:00:32 CEST 2040
Zertifikat-Fingerprints:
     MD5:  (bla)
     SHA1: (bla)
     SHA256: (bla)
     Signaturalgorithmusname: SHA1withRSA
     Version: 3


*******************************************
*******************************************

When I compare this to a different keystore file, I notice there is an "Extension" missing. What is it, and how do I go about fixing this? Is the file incomplete that I got from my customer?

When I import the .p12 file into my Mac OS X keychain, I can see a private key called alias_name and a certificate; although there is no "certificate chain" or anything.

I tried the following command:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore data_dirs/ff.keystore /path/to/QtApp-release-unsigned.apk alias_name

jarsigner: Certificate chain not found for: alias_name. alias_name must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

Community
  • 1
  • 1
BastiBen
  • 19,679
  • 11
  • 56
  • 86
  • Which command did you execute for signing the APK? Android signing keys never have a certificate chain as they are self-signed. – Robert May 19 '15 at 11:24

1 Answers1

0

When you create a keystore, you also create an alias in that keystore with an appropriate password. I assume "alias_name" isnt the name of that alias. You need to ask your client for that name and password to sign the apk with that alias and keystore.

breakline
  • 5,776
  • 8
  • 45
  • 84
  • By using `keytool -list` I can see that the alias name is correct. I have the feeling that some part of information is missing, but I don't have enough knowledge about android APK signing. – BastiBen May 19 '15 at 13:39
  • You can try adding new aliases to see if the file isnt corrupt. – breakline May 19 '15 at 13:42