Reputation: 275
Create keystore from rsa file
I've developed an app who run on 100 devices. Want to update it but if I install the new APK give me error. "Android App Not Install. An existing package by the same name with a conflicting signature is already installed".
I researched and found the problem. I changed my SSD and that's why my debug.keystore file is gone at formatting.
I have found the RSA file in APK. Can I change my new debug.keystore with the value in the old APK?
I researched keytool. Can i use importcert and give two certificate in one debug.keystore?
Upvotes: 0
Views: 1732
Answers (1)
Reputation: 5193
It that will be possible, everyone can unpack APK and get your private key. Next time do backups before formatting!
I think Google explain it in documentation pretty well
https://developer.android.com/studio/publish/app-signing.html#secure-key
Maintaining the security of your private key is of critical importance, both to you and to the user. If you allow someone to use your key, or if you leave your keystore and passwords in an unsecured location such that a third-party could find and use them, your authoring identity and the trust of the user are compromised.
If a third party should manage to take your key without your knowledge or permission, that person could sign and distribute apps that maliciously replace your authentic apps or corrupt them. Such a person could also sign and distribute apps under your identity that attack other apps or the system itself, or corrupt or steal user data.
Your private key is required for signing all future versions of your app. If you lose or misplace your key, you will not be able to publish updates to your existing app. You cannot regenerate a previously generated key.
Your reputation as a developer entity depends on your securing your private key properly, at all times, until the key is expired. Here are some tips for keeping your key secure:
- Select strong passwords for the keystore and key.
- Do not give or lend anyone your private key, and do not let unauthorized persons know your keystore and key passwords.
- Keep the keystore file containing your private key in a safe, secure place.
In general, if you follow common-sense precautions when generating, using, and storing your key, it will remain secure.
MD5, SHA1, SHA256 - different digests ( result of hash-function ) and cannot be used to restore your keystore.
Upvotes: 1
Related Questions
- Save and Retrieve KeyPair in AndroidKeystore
- Android Keystore multipurpose key generation
- import RSA keyPair to KeyStore
- Android KeyStore parameters building
- How to save keys to keystore?
- Android Save RSA Private and Public Key
- Convert Java.Security.KeyPair to .NET RSACryptoServiceProvider
- Android KeyStore - How to save an RSA PrivateKey
- How to import RSA key from KEY file
- Having trouble creating keystore file