Home/ Questions/Q 8178475
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-06T23:46:34+00:00

I have an app which is signed and several keystore files. I’d like to

  • 0

I have an app which is signed and several keystore files. I’d like to update the app, so I need to find out which one of keys was used.

How can I match which keystore was used to originally sign my app against various keystores I have on my machine?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    First, unzip the APK and extract the file /META-INF/ANDROID_.RSA (this file may also be CERT.RSA, but there should only be one .RSA file).

    Then issue this command:

    keytool -printcert -file ANDROID_.RSA

    You will get certificate fingerprints like this:

         MD5:  B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB
     SHA1: 16:59:E7:E3:0C:AA:7A:0D:F2:0D:05:20:12:A8:85:0B:32:C5:4F:68
     Signature algorithm name: SHA1withRSA

    Then use the keytool again to print out all the aliases of your signing keystore:

    keytool -list -keystore my-signing-key.keystore

    You will get a list of aliases and their certificate fingerprint:

    android_key, Jan 23, 2010, PrivateKeyEntry,
Certificate fingerprint (MD5): B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB

    Voila! we can now determined the apk has been signed with this keystore, and with the alias ‘android_key’.

    Keytool is part of Java, so make sure your PATH has Java installation dir in it.

    • 0