This is a migrated thread and some comments may be shown as answers.

Generate Signed version of Android apk after migration to Cordova CLI

6 Answers 161 Views
General Discussions
This is a migrated thread and some comments may be shown as answers.
This question is locked. New answers and comments are not allowed.
Gary
Top achievements
Rank 1
Gary asked on 21 Mar 2018, 10:18 AM

Hi,

My subscription expired, but at this point I'm pretty much fully migrated to using Cordova CLI. The last step I need is help with signing the Android app so I can update the version on Google Play Store. I previously downloaded the cryptographic identity p12 file, but since that was created via Telerik, I don't know what the password is and if I recall correctly, was never asked for this information when setting up the cyrptographic identity (I just hit create in the AppBuilder UI). So even after setting up gradle properties to use the p12 file for release signing, it does not let me build as the password is incorrect. Assistance would be greatly appreciated as it is the last step for me in migrating away from Telerik Platform due to the discontinuation. Thanks.

6 Answers, 1 is accepted

Sort by
0
Gary
Top achievements
Rank 1
answered on 23 Mar 2018, 06:44 AM

Addendum to previous post:

I also need to know the keyAlias and the keyPassword. Specifically, I set the storeFile to point to the p12 file I downloaded (exported) off AppBuilder, and for the rest of the values, I don't know them as the file was created though AppBuilder (http://docs.telerik.com/platform/appbuilder/cordova/code-signing-your-app/configuring-code-signing-for-android-apps/create-cryptographic-identity), and I need those values to sign the app so the apk can be signed and used to update my Play Store listing (vs having to create a new one if I generate a new keystore). Also please note the values I need are for the release signing (and if available, also the debug signing).

See here for the values I need: https://cordova.apache.org/docs/en/dev/guide/platforms/android/index.html#using-gradle

Thanks and I look forward to your reply.

0
Garo
Telerik team
answered on 23 Mar 2018, 12:12 PM
Hello Gary,

I am happy to hear that you were able to migrate your apps successfully to the Cordova CLI.

Recently, we had several people asking about the conversion of the exported from AppBuilder P12 files to a format accepted by the Cordova CLI. The recommended approach is to convert the P12 file to a JKS (Keystore) format with the help of the Keytool. The Keytool is included by default in JDK 1.1 and higher versions. For more information about the conversion process and the exact command you need to use, please see this StackOveflow thread. Using this command, you can set the name (key) and password of the alias and provide them in the build.json file. Please, have in mind that it is recommended to have identical passwords for the keystore and alias, otherwise, you might experience issues when trying to build with the Cordova CLI.

Having said that, the gradle approach that you have linked seems to work with a P12 file. We have never tested this option, nevertheless, when you export your certificate, you are setting a password for it. The same value should be set for the alias as well. Based on the link that you have provided, storePassword and keyPassword should be identical. The keyAlias is generated based on the name of the exported file, but only in lowercase characters. For example, I exported a "My P12 Certificate"certificate and its alias was "my p12 certificate". You can check the exact name of the alias using the above-mentioned Keytool. The command that you need to run is:
keytool -list -v -keystore "<path to p12 file>"

To sign your Android app during development (debug builds), you can use any certificate you wish or none at all. For the latter, the Cordova CLI will produce an unsigned APK that still can be tested on devices.

I hope the provided information is helpful.

Regards,
Garo
Progress Telerik
Telerik Platform is retiring on May 10, 2018.
This requires some actions on your side, so please consider reading the full announcement and migration guides at first opportunity.
0
Gary
Top achievements
Rank 1
answered on 27 Mar 2018, 03:35 AM

Hello Garo,

Thanks for the reply. I have actually already investigated the method you mentioned in your post. However, exactly like with the gradle method, a password for the source file (the p12 exported from Telerik Platform) is needed to generate the .jks file.

Here is a code snippet of what happens when I try out the command to -importkeystore via keytool:

keytool -importkeystore -srckeystore <Android_CryptoID_Exported_from_Telerik_Platform>.p12 -srcstoretype pkcs12 -srcalias <src_alias_name> -destkeystore <New_CrytpoID_Name>.jks -deststoretype jks -deststorepass <New_CrytoID_Name_Password> -destalias <new_alias_name> -destkeypass <New_CrytoID_Name_Password>
Importing keystore <Android_CryptoID_Exported_from_Telerik_Platform>.p12 to <New_CrytpoID_Name>.jks...
Enter source keystore password:  <THIS_IS_WHAT_I_DONT_HAVE_AND_NEED_TO_PROCEED>
*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in the srckeystore*
* has NOT been verified!  In order to verify its integrity, *
* you must provide the srckeystore password.                *
*****************  WARNING WARNING WARNING  *****************
keytool error: java.security.UnrecoverableKeyException: Get Key failed: null

Note the error message, which was a result of not having the password. I never recall having to input a password at any point either during the creation of the p12 file via AppBuilder UI (http://docs.telerik.com/platform/appbuilder/cordova/code-signing-your-app/configuring-code-signing-for-android-apps/create-cryptographic-identity), nor when exporting it, also via the AppBuilder UI (http://docs.telerik.com/platform/appbuilder/cordova/code-signing-your-app/export-identity).

Sorry to beat the same drum, but any assistance retrieving that password would be appreciated, as I cannot figure out if I missed a step somewhere or if I'm correct and I need to be provided the password by your organization. If the information is personal, please email me via my registered account email.

The name of the app (as listed under my account) in question is HRMHybridApp.

Thanks in advance.

0
Ventsislav Georgiev
Telerik team
answered on 29 Mar 2018, 11:27 AM
Hi Gary,

Garo is currently out of office, but I hope I can bring some insight on the issue.

We do not have that password on our side as we store and protect the certificates via other means and not p12 files. The p12 file is only generated by the export functionality and is protected with the password you have entered in the prompt dialog. We do not support certificate export without setting a password. If you can't remember the password you set during the export, you could re-export the same certificate again.

In case you need any further assistance, don't hesitate to contact us.

Regards,
Ventsislav Georgiev
Progress Telerik
Telerik Platform is retiring on May 10, 2018.
This requires some actions on your side, so please consider reading the full announcement and migration guides at first opportunity.
0
Gary
Top achievements
Rank 1
answered on 04 Apr 2018, 03:29 AM

Hi Ventsislav,

I was able to resolve the situation on my own. It was an error on my part, as once you mentioned that there's a prompt dialog when exporting (and importing), I went through a list of possible passwords I used and one of them worked. I then duplicated the key with a new password that I have logged. Building the release versions was successful after that using the gradle method. Thanks for the support.

P.S. I renewed my subscription till the retirement date of Telerik Platform, but only 1 seat and noticed that on the primary's account, when looking at the app, none of the certs and provisioning profiles were kept for the app. Is this intended behavior? Are profiles and certs not kept on a per-app basis? It would seem odd that they are a per-user basis when there's a team functionality. Or do all provisioning profiles and certs get deleted upon a subscription expiring? Or did I stumble on a bug? I mention this because in your reply you said I could "re-export the same certificate again", which would've been impossible in my case as it (nor the rest of my certs and profiles for both android and ios) wasn't there anymore. Luckily I had already backed up the files before my original subscription expired so it doesn't affect me, but this may be something I thought you would like to know.

0
Garo
Telerik team
answered on 06 Apr 2018, 09:20 AM
Hello Gary,

We are happy to hear that you were able to export your cryptographic identities and successfully use them to build a releasable app package.
 
I wanted to take a minute and explain about the certificates and how they are tied to the accounts. Your assumption is correct and the certificates and mobile provisions are per user. They are not deleted when a license expires and they are even backed up for limited amount of time. However, if the user deletes them manually, they are gone. In the past there has been several discussions about the possibility to make the code signing assets team based, but the demand was never high enough to justify the development effort and other tasks were prioritized instead. Additionally, there are a lot of companies and users that would prefer to have some of their code signing assets (for example, the distribution ones) not visible to the entire team and while this of course can be implemented, it would have made the entire process of adding and managing certificates and provisions a lot harder.

I hope that this explanation answers your question.

Kind regards,
Garo
Progress Telerik
Telerik Platform is retiring on May 10, 2018.
This requires some actions on your side, so please consider reading the full announcement and migration guides at first opportunity.
Tags
General Discussions
Asked by
Gary
Top achievements
Rank 1
Answers by
Gary
Top achievements
Rank 1
Garo
Telerik team
Ventsislav Georgiev
Telerik team
Share this question
or