I'm trying to sign my APK with certificates issued by GOOGLE PLAY CONSOLE (in .der format). I can put the certificate inside a protected .jks container with password but at the time of compilation I am interrupted with a message saying that the "certificate is not protected by a password".
I have tried to edit the reconfiguration of the file "build.gradle" by removing the parameter "keyPassword" (but at the time of compilation I am again interrupted informing that the parameter is missing. I also tried to leave the parameter blank, set it to "false", set as "null" and even as "000000" (I confess that the latter was desperation .Kkk ...), in these last attempts I told them the compilation is always interrupted with the same message stating that the "certificate is not protected by a password ".
I thought maybe there could be a surrogate parameter of keyPassword as a keyEmpty or keyIgore that could make the compiler understand that the certificate is not actually protected by a password but it is not an error. But I did not find anything in my Google searches ...
I thought maybe I could "clone" the certificate provided by Google by creating a clone with a password. This would solve my problem ... But I did not find anything in that sense of a tool that could clone the certificate by entering a password (maybe this does not even exist because in practice I would be violating the certificate itself, correct?)
Has anyone ever experienced this? Can you give me a hand? I've tried everything I do not know what else to do ...
I think Google Play apps are signed at all times. Therefore, there must be an easy and logical solution that I am not filling ...
My current code (which is not working), looks like this:
**release {
keyAlias "deployment"
keyPassword *null*
storeFile file (keystoreProperties ['storeFile'])
storePassword keystoreProperties ['storePassword']
}**
If anyone can really give me the hint of where I'm going wrong! I would be very grateful...
A certificate does not contain a private key, and thus cannot be used to sign an APK.
You can read this answer I wrote some time ago on the topic which should clarify what those certificates are.
You should sign your APKs or App Bundles with the same keystore as the ones you used to sign your first APK/Bundle uploaded to the Play Console.
If you have lost that keystore, you may request the key to be reset. See Reset a lost or compromised private upload key in the official documentation.