gradle assembleRelease 使用错误的密钥/证书 [英] gradle assembleRelease uses wrong key/certificate
问题描述
我有一个基于 gradle 的 android 项目并试图生成一个发布 apk.但是,似乎 gradle 以某种方式获取了错误的密钥/证书.
I have a gradle-based android project and trying to generate a release apk. However, it seems that somehow gradle is picking up the wrong key/cert.
这是我在 build.gradle 中的内容:
This is what I have in build.gradle:
signingConfigs {
release {
storeFile file("mykey.jks")
storePassword "mypass"
keyAlias "mykey.key"
keyPassword "mypass"
}
}
buildTypes {
release {
debuggable false
jniDebugBuild false
runProguard true
proguardFile getDefaultProguardFile('proguard-android.txt')
signingConfig signingConfigs.release
}
}
运行后
gradlew assembleRelease
并从 .apk 中取出 META-INF/CERT.RSA 我运行以下命令:
and taking out META-INF/CERT.RSA from inside the .apk I run the following:
keytool -list -keystore mykey.jks
和
keytool -printcert -v -file CERT.RSA
但它们产生具有不同证书指纹的输出.尝试使用来自另一个使用相同密钥(但不是使用 gradle)签名的 apk 的证书会产生正确的证书指纹.
but they produce output with different certificate fingerprints. Trying with a certificate from another apk signed with the same key (but not with gradle) yields the correct certificate fingerprint.
Gradle 似乎可以很好地获取密钥库(更改密码、位置或别名会使其停止工作).
Gradle seems to be picking up the keystore fine (changing the password or location or alias makes it stop working).
我很困惑,因为我不想将使用未知密钥签名的内容发布到商店然后无法更新它.我没有在 gradle 中明确定义的调试键.
I'm puzzled since I don't want to release something to the store signed with an unknown key and then not be able to update it. I don't have a debug key explicitly defined in gradle.
更新:这与密钥库有关.使用新的密钥库和密钥尝试相同的 gradle 代码可以正常工作.这个有问题的密钥库是从 pkcs#12 格式(.p12 文件)导入的.不过,使用 Intellij 或 jarsigner 可以很好地处理此密钥库,只是 gradle 代码具有不同的输出 - 似乎只有从密钥生成的证书不同.
UPDATE: This has something to do with the keystore. Trying the same gradle code with a fresh keystore and key works fine. This problematic keystore was imported from a pkcs#12 format (.p12 file). Using Intellij or jarsigner works fine with this keystore though, it's just the gradle code that has a different output - and it seems only the certificate generated from the key is different.
推荐答案
这里唯一的解决方案是从一个新的密钥开始.之前的密钥是从 PKCS12 格式导入的,我认为这会导致 gradle 代码生成与 jarsigner 不同的证书.
The only solution here was to start with a fresh key. The previous key had been imported from a PKCS12 format and I think that somehow caused the gradle code to generate a different certificate than jarsigner.
这篇关于gradle assembleRelease 使用错误的密钥/证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
