Suddenly unable to build for Android due to keystore issue

So, for me, it seems like 32 vs. 64-bit doesn’t make a difference, it doesn’t work either way.  But, I tried what Cleverson suggested and went back to a 1.6 JDK and yep, there it seems to work, though I haven’t submitted to the store so if there are other problems lurking I can’t say, and certainly there seems to be based on what he said.  This of course isn’t an option for me because I have other work that requires the latest JDK, so I’m kind of dead in the water (though, knowing this, I can at least spin up a VM to do my Android builds in, so I guess not really dead in the water - just a bit inconvenienced I suppose ).  

Fortunately, I don’t currently have a big Corona project going so it’s not the end of the world, but it DOES mean that I can’t (easily) update my existing apps - and I in fact may not WANT to given the possibility of introducing issues.  Though, like I said, a VM with 1.6 is at least a viable fallback it seems.

Still, would be really nice to figure out what’s going on so I can work using my usual environment and workflow when needed.

There are two different issues here. @fzammetti is having password problems. @impossibleapps & @sbullock seem to be experiencing a different issue.

I don’t have a lot to add to @fzammetti’s issue yet. Can I get a screen shot of your build screen just before you hit the build button? Please do not blur/block out any field.

Now for the other problem.  

Oracle at some point in the keytool/jarsigner process changed the default encryption method (from SHA128 to SHA256 I think). Older versions of Android do not know how to read the new encryption and the apps fail to install. Using Java 1.6 keeps you signing with the old method.  1.7 and later use the new method and Android 4 (again I think) can’t deal with this.  

It appears that Google is now checking for this.  API 10 is 2.2.3 which older versions of Corona might still support. Our current minimum is API 15 (4.0.3) and it appears that API 17 is the last version to have this issue (4.2).  It looks like Google might be flagging apps that support these older devices that are signed with the newer method and rejecting them.

Can you tell me more about how you got rejected? I just did a build on my Mac and uploaded it to Alpha and didn’t get an error. Is this something that comes in email later? As soon as you upload it? Can I get more context on it?

Thanks

Rob

I don’t believe it’s a password problem per se, I think it’s just presenting that way.

Here’s the screenshot:

What happens is that when I try to select a Key Alias, which is blank, it tells me “The password for the key store located at c:\program files (x86)\corona labs\corona\resources\debug.keystore was not valid, or the key store was not valid”.  So I hit Ok, and I enter “android”, which I believe is the correct password for the debug keystore, and it repeats that error message.  I run into this same issue using MY OWN keystore, which of course I know the password to.

This DOES NOT seem to happen when using JDK 1.6.  So it seems like back to the same sort of JDK issues I’ve seen in the past, but now it’s just that I need to have the latest JDK installed, and as far as I know there’s no way to tell Corona to use a specific JDK, other wise I’d just have them installed side-by-side and be good to go (that would REALLY be handy feature by the way!).

In the drop down for Keystore do you have the option for “Debug” with no path information?

If so select it and try the known debug keystore password.

The Keystore field isn’t a dropdown, it’s a path selection.  Do you mean the Key Alias?  Because that’s a dropdown, but when I click it, it’s empty (which only makes sense: if it can’t read from the keystore it’s not going to be able to populate the key aliases).  Also, as soon as the Keystore field loses focus is when I get the error about the incorrect password, seems like regardless of what keystore it’s pointed at.

Hi Rob;

You asked:

“Can you tell me more about how you got rejected? I just did a build on my Mac and uploaded it to Alpha and didn’t get an error. Is this something that comes in email later? As soon as you upload it? Can I get more context on it?”

This comes in a “New Release to Production” – which may have different analysis by Google.

After you upload your APK (and, in my case, with an expansion file) the error message would appear in the screen that I am showing in the image here. I “think” the error message appeared after I tapped the “SAVE DRAFT” button (it has been about 2 weeks since I had the problem) but it may have appeared after the APK upload reached 100% and Google did its instant analysis of the file.

The included image is from an upload of an update this morning (which doesn’t throw this error because it uses 1.6) – so it is more to show you where the Google error message occurs.

Best;

Steve

@fzammetti Sorry about asking about the drop down. I use a Mac mostly. On the Mac build screen there is an option called “Debug” which picks the keystore for me. 

For Windows picking the debug.keystore from C:\Program Files (x86)\Corona Labs\Corona SDK\Resources\ folder should not ask you for a password. We handle that internally. If you’re being prompted, then perhaps that file is corrupt.

This file should be read only, but any one or process running as an Administrator can make changes.  Can you bring up a Windows Explorer window and to into that folder and right click on debug.keystore file and choose “Properties” and report the size to me? A screen shot of that dialog would be useful so i can look at other values as well.

The Java version has an impact at signing time. FWIW on my Windows machine, I only have the Java 32 bit JRE 1.8.0_131 and the 32 bit JDX 1.8.0_131 installed. I don’t have any 64 bit or older versions.

Making a release keystore is tricky. People try and copy/paste the command from our guide which only works on Macs since keytool.exe is never added to a PATH on Windows. You either have to CD to the folder where keytool.exe exists and specify a full path to where you want to save your keystore (can’t save it where keytool.exe is, it’s read only)  or CD to where you want to save the keystore and run keytool.exe with the full path. Since everyone’s Java is likely to be a little bit differently, we can’t make an easy Copy/paste command for windows.

For the other issue, Engineering is  looking into it. 

Rob

No worries Rob, I appreciate the help!  Here’s the screenshot:

Interesting, you say it should be read-only, which it’s not… but, I re-installed Corona from scratch when I started having these problems, so this is as it was installed.  I suppose it’s possible something munged it between then and now but I know I didn’t mess with it and I can’t think of anything else that would have (virus scans with multiple tools all come up clean, and I have Eset running all the time, so that possibility seems very unlikely).

And yeah, it definitely prompts for password as soon as focus leaves the Keystore field, for any keystore I point it to, Corona-supplied or my own, so something definitely seems funky here.

Hi everyone,

Just confirming that the problem is solved. I followed Steve’s suggestion and switched to Java 1.6 (I was using Java 8). Google accepted my APK with no error messages.

Thanks a lot for your help!

Br,

Cleverson

What version of Corona do you have installed?

May be unrelated here but I created a folder to store all my app keys and I thought I’d move the debug keystore there too (for easy swapping) but it didn’t work for some reason (blank password problem).  However, the same file in the standard install location works just fine and correctly loads the default password.

2017.3100 (2017.6.22)

It shouldn’t be prompting you for a password. Can I get a screen shot of it asking you?

Rob

This is debug keystore NOT IN default location

You can see it asks for password and fails if you enter “androiddebugkey”

Edit: Just FYI really Rob as this shouldn’t happen

The debug keystore should be in the Corona folder where we put it. If you move it somewhere else, we treat it as a personal keystore and you’re going to get prompted for a password…  The password is “android”.  “androiddebugkey” is the name of the alias, not the password.

Rob

Perception I think there… if it is called “debug.keystore” it shouldn’t matter where it is placed IMHO. Dev v framework difference.

And yes “android” as password worked just fine.

It would be handy for me to have ALL keystores in the same location and Corona know whether it was debug of production.  A minor annoyance.

I only mentioned it in this thread in case it helped others.

I can do better than that: check out the video here: http://www.zammetti.com/keystore_issue.mp4 … there you can see exactly what’s happening.  As soon as focus leaves the Keystore field I get the error message saying the password is invalid.  Doesn’t matter whether I tab out or click something else, it’s on loss of focus generally, and it’s every time.  I typed ‘android’ as the password there but it doesn’t accept it.

EDIT: Whether I check save password or not doesn’t make a difference.  And, as you can see, the alias field is empty (but that’s only logical given it apparently can’t open the store for lack of password).

Engineering is suggesting that you uninstall.  Then run “regedit” and clear out any Corona Labs keys that you find. 

HKEY_CURRENT_USER\Software\Corona Labs\Corona SDK

and

HKEY_CURRENT_USER\Software\Ansca Corona

You can also do this from a command prompt (cmd.exe or the new power shell)

reg delete “HKEY_CURRENT_USER\Software\Ansca Corona”

reg delete “HKEY_CURRENT_USER\Software\Corona Labs”

Then reinstall… You want to get the latest build any way, we’ve fixed quite a few things since 3100. The latest is 3109.

Rob

Bad news: installed 3109 as specified, and deleted those two keys.  Reinstalled and it was like a fresh installation, had to enter email/PW and everything (didn’t have to do that last time I re-installed, I assume because those keys were still there).

But, no good: same thing happens… it still asks for password as soon as focus leaves the keystore field.  Exact same sequence of events

After reading this forum I am concerned about the update to JDK 1.8 I just did because I am trying to get a SHA256 Signature for Amazon messaging. After updating to JDK 1.8 my certs still only show MD5 & SHA1. So I am not sure what to do next and/or how it might impact all my apps so any advice would be appreciated. Can I keep using my old keystore but use a new one just for Amazon apps that I want to use messaging?