Android generates keystore certificate and views signature information such as MD5 (Android Studio, Keytool)

1. Keytool creates certificate

• Remember to install Java JDK . If you have javathe environment, you can perform the following operations.

  # 检查是否安装了 JDK
  $ java --version
  

• Generate .keystorecertificates, Keytool instructions are described in detail .

  # 指令参数解释
  $ keytool -genkeypair -alias 别名 -keyalg RSA -keypass 密码 -validity 365(默认90天) -keystore server.keystore -storepass 密码
  
  # 案例指令，可以拷贝直接运行，注意：记录好【别名】跟【密码】
  $ keytool -genkeypair -alias dzm -keyalg RSA -keypass 123456 -validity 20000 -keystore ./server.keystore -storepass 123456
  
  # 细节：如果指令带上 -keysize 1024(密钥位数) 参数会报错：（所以去掉）
  # 生成的证书 使用的 1024 位 RSA 密钥 被视为存在安全风险。此密钥大小将在未来的更新中被禁用。
  

  • -genkeypair: Original -genkey, changed after Java 1.6, indicating generating a key pair

  • -alias: Generate an alias. Each keystore will be associated with this unique alias. The alias is not case-sensitive.

  • -keyalg:Specify the algorithm for generating keys

  • -keypass: Specifies the password for the alias entry (the password for the private key)

  • -sigalg: Signature algorithm name

  • -dname: unique distinguished name, cn owner name, ou organizational unit name, o organization name, l city or region name, st state or province name, c two-letter country code

  • -validity:valid date

  • -keystore:Keystore name

  • -storetype:Keystore type

  • -storepass:Keystore password

• View certificate

  Verbose output:

  $ keytool -list -v -keystore server.keystore -storepass 密码
  

  RFC style output:

  $ keytool -list -rfc -keystore server.keystore -storepass 密码
  

• Export certificate

  $ keytool -export -alias server -keystore server.keystore -file server.crt -storepass 密码
  

• View export certificate

  $ keytool -printcert -file server.crt
  

• Client import certificate

  $ keytool -import -alias server -keystore server.keystore -file server.crt
  

• The above instructions are borrowed from Keytool to generate certificates .

2. Create a certificate in Android Studio

• Open Android Studioand find on the menu Build:

  

  Attachment: What is the difference between Android App Bundle and APK

  

  Create a new certificate, and enter Passwordthe following information once, and it must be the same twice.Confirm

  Android AppA signature file is required when packaging into an installation package, and the signature file formats generated by different compilers are also different. EclipseThe signature file of is a file .ketstorewith as suffix; Android Studioit is a file .jkswith as suffix.

  

  

  

• The created certificate can also Keytoolbe viewed using the above command SHA1、SHA256.

3. View certificate MD5 signature information

• Now after Keytooldisplaying the certificate information, the value cannot be obtained MD5. You can check this article: Android keystore obtains MD5, signature information, etc. (including quick apps) in various ways .