Jump to content

[TOPIC: topicViewTemplate]
[GLOBAL: userSmallPhoto]
Photo

Suddenly unable to build for Android due to keystore issue
Started by fzammetti Jun 22 2017 10:06 PM

- - - - -
39 replies to this topic
java build android problem error keystore 3100
[TOPIC CONTROLS]
Page 2 of 2 1 2
This topic has been archived. This means that you cannot reply to this topic.
[/TOPIC CONTROLS]
[modOptionsDropdown]
[/modOptionsDropdown]
[reputationFilter]
[TOPIC: post.html]
#26

SGS

[GLOBAL: userInfoPane.html]
SGS
  • Corona Geek

  • 2,131 posts
  • Corona SDK

Perception I think there... if it is called "debug.keystore" it shouldn't matter where it is placed IMHO. Dev v framework difference.

And yes "android" as password worked just fine.

 

It would be handy for me to have ALL keystores in the same location and Corona know whether it was debug of production.  A minor annoyance.

 

I only mentioned it in this thread in case it helped others.



[TOPIC: post.html]
#27

fzammetti

[GLOBAL: userInfoPane.html]
fzammetti
  • Observer

  • 27 posts
  • Corona SDK

I can do better than that: check out the video here: http://www.zammetti.com/keystore_issue.mp4 ... there you can see exactly what's happening.  As soon as focus leaves the Keystore field I get the error message saying the password is invalid.  Doesn't matter whether I tab out or click something else, it's on loss of focus generally, and it's every time.  I typed 'android' as the password there but it doesn't accept it.

 

EDIT: Whether I check save password or not doesn't make a difference.  And, as you can see, the alias field is empty (but that's only logical given it apparently can't open the store for lack of password).



[TOPIC: post.html]
#28

Rob Miracle

[GLOBAL: userInfoPane.html]
Rob Miracle
  • Moderator

  • 26,539 posts
  • Enterprise

Engineering is suggesting that you uninstall.  Then run "regedit" and clear out any Corona Labs keys that you find. 

 

HKEY_CURRENT_USER\Software\Corona Labs\Corona SDK

 

and

 

HKEY_CURRENT_USER\Software\Ansca Corona

 

You can also do this from a command prompt (cmd.exe or the new power shell)

 

reg delete "HKEY_CURRENT_USER\Software\Ansca Corona"

reg delete "HKEY_CURRENT_USER\Software\Corona Labs"

 

Then reinstall.. You want to get the latest build any way, we've fixed quite a few things since 3100. The latest is 3109.

 

Rob



[TOPIC: post.html]
#29

fzammetti

[GLOBAL: userInfoPane.html]
fzammetti
  • Observer

  • 27 posts
  • Corona SDK

Bad news: installed 3109 as specified, and deleted those two keys.  Reinstalled and it was like a fresh installation, had to enter email/PW and everything (didn't have to do that last time I re-installed, I assume because those keys were still there).

 

But, no good: same thing happens... it still asks for password as soon as focus leaves the keystore field.  Exact same sequence of events :(



[TOPIC: post.html]
#30

info1279

[GLOBAL: userInfoPane.html]
info1279
  • Observer

  • 2 posts
  • Corona SDK

Does anyone have an update on this?  I'm running in to the same issue.



[TOPIC: post.html]
#31

Rob Miracle

[GLOBAL: userInfoPane.html]
Rob Miracle
  • Moderator

  • 26,539 posts
  • Enterprise

I would recommend updating to the latest daily build and trying. I believe we've made some changes around those areas.

 

Rob



[TOPIC: post.html]
#32

Mike Hempfling

[GLOBAL: userInfoPane.html]
Mike Hempfling
  • Contributor

  • 268 posts
  • Corona SDK

After reading this forum I am concerned about the update to JDK 1.8 I just did because I am trying to get a SHA256 Signature for Amazon messaging. After updating to JDK 1.8 my certs still only show MD5 & SHA1. So I am not sure what to do next and/or how it might impact all my apps so any advice would be appreciated. Can I keep using my old keystore but use a new one just for Amazon apps that I want to use messaging?



[TOPIC: post.html]
#33

Rob Miracle

[GLOBAL: userInfoPane.html]
Rob Miracle
  • Moderator

  • 26,539 posts
  • Enterprise

As long as your old one works for Google keep using it. You can use the new one as needed.  You can also update the old one to a new one using the commands in the other threads!

 

Rob



[TOPIC: post.html]
#34

iqbalbaskara

[GLOBAL: userInfoPane.html]
iqbalbaskara
  • Observer

  • 3 posts
  • Corona SDK

Hello, any update on this issue? I face the same problem, my build is 2017.3184, my problem started when I tried signing my own keystore for release, password wont verify. Tried the debug.keystore, and it wont verify either (keep asking for password, when "android" is supplied, it says wrong password or JDK not found)

 

 

Any update would be appreciated. thanks :)



[TOPIC: post.html]
#35

iqbalbaskara

[GLOBAL: userInfoPane.html]
iqbalbaskara
  • Observer

  • 3 posts
  • Corona SDK

the console produces these every time I try building (firewall is already off on my machine):

 

00:31:18.061  jarsigner: unable to sign jar: no response from the Timestamping Authority. When connecting from behind a firewall an HTTP or HTTPS proxy may need to be specified. Supply the following options to jarsigner:
00:31:18.061    -J-Dhttp.proxyHost=<hostname>
00:31:18.061    -J-Dhttp.proxyPort=<portnumber>
00:31:18.061  or
00:31:18.061    -J-Dhttps.proxyHost=<hostname> 
00:31:18.061    -J-Dhttps.proxyPort=<portnumber> 


[TOPIC: post.html]
#36

iqbalbaskara

[GLOBAL: userInfoPane.html]
iqbalbaskara
  • Observer

  • 3 posts
  • Corona SDK

a little update, I'm currently using build 2018.3316, tried JDK 6, 8, 10. uninstalling, reinstalling, removing Corona & JDK from registry each time. nothing works. What else can I try?



[TOPIC: post.html]
#37

Rob Miracle

[GLOBAL: userInfoPane.html]
Rob Miracle
  • Moderator

  • 26,539 posts
  • Enterprise

Is there more information in the console log?

 

Rob



[TOPIC: post.html]
#38

dmarques42

[GLOBAL: userInfoPane.html]
dmarques42
  • Enthusiast

  • 62 posts
  • Corona SDK

I have the same or similar issue. I have tried all versions of JDK and Corona. 

 

My issue might be slightly different in that I am unable to use a keystore with my Google upload key added into it. I have been building and updating for Google Play for years, and today hit a wall, cannot update an app.

 

Since I last updated the app (about 5 days ago), I tried to 'update' the keystore (from a warning message in the console) -- after copying first, of course -- to pkcs12 format, but I am not sure that is relevant. I have tried backing everything out, but cannot get a build Google Play will accept -- either it says debug key or it says keys do not match.

 

Currently JDK 1.8.0_181,  Corona 2018.3326

 

Lazy on my part, but I had always built Android using Debug keystore and keys. It seems that no longer works. But I have Google manage and re-sign my apps for the deployment, so loss of key is not supposed to be a problem. Or so I thought.

 

My problem now is getting a build signed with the 'upload' key that Google gives me to submit an app.

 

My steps:

 

1. make a copy of debug.keystore (ideategames.keystore)

2. add the Google 'upload' key (upload_cert.der) to the keystore with keytool (keytool -import -trustcacerts -alias upload -file upload_cert.der -keystore ideategames.keystore)

3. Try to build the app with the upload alias

 

First problem: no matter what password I put on the new alias, it never works when I try to open it in Corona. So, I put no password, and then I just 'cancel' the request for password prompt, and it does not jump out.

 

Second problem: when the build happens, I get a 256 build error, which is 'Failed to sign the APK.'

 

I am wondering if it is a SHA1 vs SHA256 problem? But this is territory I am not that familiar with.

 

Any help? How do I get a build signed with the Google-supplied key?

 

BTW, the Corona help page on signing for Google Release Build (https://docs.coronalabs.com/guide/distribution/androidBuild/index.html) is...well.. kinda half-done, at best. " Supply the requested information and tap enter to sign your Android app." -- this is certainly false, as all this will do is create a keystore with one key in it, not sign the app. And when I do that, I cannot use that keystore to sign the app anyway.

 

Any help?



[TOPIC: post.html]
#39

dmarques42

[GLOBAL: userInfoPane.html]
dmarques42
  • Enthusiast

  • 62 posts
  • Corona SDK

I downloaded the 'upload' key (which, as I read the documentation, is the key I used to upload on the previous build, that is what the upload key is supposed to be on the Google App signing page) not the 'App Signing Key', which is the key Google uses to re-sign the app. When Google manages the app signing, as on my app, it can create a new upload key any time I ask, and I need to be able to sign the app with that upload key.

 

The 'original' key I uses was the debug key, the default key that comes with Corona. It used to be that Google allowed you to use the debug key, as long as you uploaded the first version with that key. Something changed that, probably something I did, it no longer works.

 

I don't think the key is the problem, I think the problej is Corona acceptance of a key loaded into a keystore, at least the way I am doing it (per other directions on how to load the 'upload_cert.der' key into a keystore). But perhaps it is because the Google keys have SHA1, SHA256, and MD5 all in the same der file, and Corona does not know how to parse such an entry?

 

Whatever the case with the past keys, Google allows me to upload an update that is signed with the upload key. So, somehow, I need to sign the apk with the upload key. I cannot figure out how to do that in a way Corona accepts.

 

The mismatched keys is not from using the upload key, it is from using my older key. The core problem I am having is that I cannot figure out how to sign with a key that I load into a keystore -- I always get a 256 error, no matter how I try to configure it.



[TOPIC: post.html]
#40

dmarques42

[GLOBAL: userInfoPane.html]
dmarques42
  • Enthusiast

  • 62 posts
  • Corona SDK

I was able to fix this keystore problem by creating a new upload key, and sending it to Google. My app final signing is managed by Google, so this is possible (for lost key, new computer, whatever).

 

  1. I sent a note to Google (there is a form for upload key problems) saying I wanted to create a new upload key.
  2. They answered (4 days) requesting my new .pem file
  3. I created a new keystore and key according to their directions, with two simple steps (below)
  4. Sent the extracted .pem file to Google (available on the app upload page 3 days later)
  5. Rebuilt the app with the new keystore and alias (find it in the build dialog and enter the keystore password); upload will be automatically selected as the alias because it is the only one

Steps to create a new keystore and upload alias:

  1. keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore xxx.keystore

  2. keytool -export -rfc -alias upload -file upload_certificate.pem -keystore xxx.keystore

The only gotcha I noticed is that I had to set the keystore password and the key alias password the same. If I made them different, then Corona seemed to have a problem, but perhaps I didn't try enough variations. Anyway, this worked, and took less than a minute.

 

I think the difference between this success and my problems before is that for these I started fresh with a new keystore with only one alias in it, instead of trying to load a key into an existing keystore and using that new key in Corona. That is my best guess.




[topic_controls]
Page 2 of 2 1 2
 
[/topic_controls]