如何在Android Studio中使用Play商店中的upload_cert.der? [英] How do I use upload_cert.der from play store in Android Studio?

查看:461
本文介绍了如何在Android Studio中使用Play商店中的upload_cert.der?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我从Play商店下载了upload_cert.der文件.我将根证书添加到我的密钥库中就好了.但是Android Studio不允许我使用它,因为没有密码. Android Studio抱怨我必须先输入密钥密码,然后才能进行构建.

I downloaded the upload_cert.der file from the Play store. I added the root certificate to my keystore just fine. But Android Studio won't let me use it because there is no password for it. Android Studio complains that I must enter a key password before it let's me do the build.

  1. 是否可以通过此upload_cert.der文件生成受密码保护的私钥?
  2. 有没有办法让Android Studio让我克服这个错误"并进行构建?
  3. 我正在使用Windows,并且upload_cert.der文件已添加到我的Windows证书存储中.我是否可以在Android Studio外部对APK进行签名(即使我愿意留在工具中使用)?

我发现有人问这个问题,没有一个答案提到密码,只是解释了为什么在密钥库中有多个错误类型的条目,等等.为清楚起见,我可以在密钥库中创建一个密钥我自己制作的并带有密码,就好了.在尝试添加任何类型的密钥之前,我会先删除别名.当Android Studio想要密钥的密码而没有密码时,我只是不知道如何使用Play商店中的.der文件!

I found someone else ask this question and none of the answers mentioned the password, just explanations for why there are multiple entries of the wrong type in the keystore, etc. To be clear, I can create a key in the keystore of my own making and with a password, just fine. I deal with deleting an alias before I try to add a key of any sort. I just don't know how to use the .der file from the play store when Android Studio wants a password for the key and there is none!

如果我使用的密码只是随机的,这是确切的错误: 无法从存储"C:\ Users \ xxxx \ xxxx.jks"中读取密钥表示:受信任的证书条目不受密码保护 因此,很明显,没有办法以某种方式伪造这一点.

Here's the exact error if I use a password that is just random jiberish: Failed to read key rep from store "C:\Users\xxxx\xxxx.jks": trusted certificate entries are not password-protected So it's clear that there is no way to fake this out somehow.

推荐答案

您缺少的重要事实:

Google Play永远不会为您提供用于签名的密钥 .它只会向您提供证书进行验证.

Google Play never gives you a key you use to sign things. It only ever gives you certificates to verify with.

我将从您可能了解的基础知识开始.在公用密钥加密中,有一个专用密钥和一个公用密钥.只有签名的人才能拥有私钥.否则任何人都可以签名.任何人都可以拥有的公钥.他们可以使用它来检查签名是否有效.

I'll start with the basics you probably know. In public key cryptography, there is a private key and a public key. Only the person who signs has the private key. Otherwise anyone could sign. The public key anyone can have. They can use it to check the signature is valid.

upload_cert.der下载 仅包含公钥 . Google Play允许您下载它进行验证的原因.您可以离线验证您的签名是否符合Play商店的期望.您可能永远不需要这样做.

The upload_cert.der download only contains the public key. The reason Google Play lets you download it for verification. You can verify offline your signatures match what the Play Store expects. You probably never need to do this.

出于两个原因,Google Play没有为您提供上传证书的私钥.

Google Play doesn't give you the private key for the upload certificate for 2 reasons.

  1. Google没有您的上传密钥的私有部分!注册Google Play应用签名后,您创建了上传密钥的私钥部分.您从未将其提供给Google. Google拥有的全部都是公钥部分.
  2. 如果Google确实把它给了您,则密钥将没有价值.上传密钥的全部意义在于,即使黑客闯入了您的Play控制台帐户,他们仍然无法上传新版本的应用程序.他们也将需要上传密钥.上载密钥表示Google Play知道该应用来自您.如果他们允许您从您的帐户下载签名密钥,那么黑客也可以下载它.那么那将一文不值.

如何获取签名所需的上传密钥?

因此,现在您可能遇到的问题是如何获取签名所需的公共密钥?".答案是您创建它".首次上传APK时,该APK是用密钥签名的(Google坚持要求使用该密钥).它可能存储在您的Android Studio中.该密钥将成为您的上传密钥.找到保存它的地方.

How do I get the upload key I need for signing?

So now the question you probably have is "how do I get the public key I need for signing?". The answer is "you create it". When you first upload your APK, that APK was signed with a key (Google insists on it). It was probably stored in your Android Studio. That key becomes your upload key. Find where you kept it.

现在您可能会在一个不知道最初使用密钥在哪里的地方.这对Google Play应用签名非常有用.如果您自己对应用程序进行签名并丢失了签名密钥,那么您将被卡住,则必须创建一个新的应用程序.但是,通过Google Play应用签名,您可以联系Play控制台支持,他们可以为您提供帮助. 该过程在帮助页面上.

Now you might be in a place where you don't know where the key is that you originally used. This is the great thing about Google Play App Signing. If you were signing your app yourself and lost the signing key you would be stuck, you'd have to create a new app. But with Google Play App Signing you can contact Play Console support and they can help you. The process is on the help page.

请查看标题为创建新的上传密钥"的部分.请注意,步骤1是 您创建密钥 . Google仍然没有它.

Look at the section entitled "Create a new upload key". Notice step 1 is you create the key. Google still never has it.

这篇关于如何在Android Studio中使用Play商店中的upload_cert.der?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆