I created an application which is currently on Android market. The key used to sign the application was made using jarsigner. How do I sign using the .key file originally generated?
+1
A:
You will need the original private key that you used to sign the first version. Full information is available here, but here is the excerpt it sounds like you need:
Application upgrade – As you release updates to your application, you will want to continue to sign the updates with the same certificate or set of certificates, if you want users to upgrade seamlessly to the new version. When the system is installing an update to an application, it compares the certificate(s) in the new version with those in the existing version. If the certificates match exactly, including both the certificate data and order, then the system allows the update. If you sign the new version without using matching certificates, you will also need to assign a different package name to the application — in this case, the user installs the new version as a completely new application.
AFAIK, .key is not a standard (conventional) file ending. Most of the time you are working with a .keystore file. The keystore contains the key. The keystore and the key both have passwords and separate security measures for safety.
If you generated your ".key" file using jarsigner and one of the commands listed here, then you likely created a keystore file and happened to give it the ending ".key" If this is the case, then just compile your application into release mode, sign the application using the jarsigner tool, and use zipalign (not sure what this is for, compression perhaps?).
If you don't have the original keystore and key file, then you're boned. Sorry :/ Tons of other info can be found on the Signing Your Application page
HTH, Hamy
Hamy
2010-07-21 02:41:47
Thanks. I got it by putting the filename.key (the .key is important) in the keystore portion of the jarsigner command for signing. Seems to have done the trick. You can use keytool to grab all aliases within the .key file as well. I guess .key was the keystore itself. Thanks for the help.
Oh Danny Boy
2010-07-21 02:59:17
Glad you got it. I feel that you just accidentally named the keystore file with a .key extension. You could have named it anything (keystore.blahblah for example) and it would work just fine, provided that you passed the full filename (keystore.blahblah, not just keystore) to the jarsigner so that it could find the file. Many times if you use the conventionally accepted file extensions, then you don't have to put the whole file name. For example, if you entered keystore as the filename, jarsigner prob looked for a keystore.keystore file for you. HTH
Hamy
2010-07-21 03:13:35