I have never set any passwords to my keystore and alias, so how are they created?

Question

As I was going through some posts on the Internet learning more about signing your Android app, I got post like how to sign the app, and something about what if you have lost your keystore file or password.

The question I am here to ask is that, I have never created a keystore, or its alias, or its password, so how on this earth can I forget it?

I know that for Android we use the password android, so, if the password is by default android how can one forget it? (I'm sure there must be some other way to create new keystores).

Finally, if android is the default password, what is the default alias?

Answer 1

Signing in Debug Mode

The Android build tools provide a debug signing mode that makes it easier for you to develop and debug your application, while still meeting the Android system requirement for signing your APK. When using debug mode to build your app, the SDK tools invoke Keytool to automatically create a debug keystore and key. This debug key is then used to automatically sign the APK, so you do not need to sign the package with your own key.

The SDK tools create the debug keystore/key with predetermined names/passwords:

Keystore name: "debug.keystore"
Keystore password: "android"
Key alias: "androiddebugkey"
Key password: "android"
CN: "CN=Android Debug,O=Android,C=US"

If necessary, you can change the location/name of the debug keystore/key or supply a custom debug keystore/key to use. However, any custom debug keystore/key must use the same keystore/key names and passwords as the default debug key (as described above). (To do so in Eclipse/ADT, go to Windows > Preferences > Android > Build.)

Caution: You cannot release your application to the public when signed with the debug certificate.

Source: Developer.Android

Answer 2

if you want to configure them in gradle it should look like

signingConfigs {
        debug {
            storeFile file('PATH_TO_HOME/.android/debug.keystore')
            storePassword 'android'                   
            keyAlias 'AndroidDebugKey'
            keyPassword 'android'                     
        }
        ...
}

Answer 3

when we run application in eclipse apk generate is sign by default Keystore which is provided by android .

But if you want to upload your application on play store you need to create your own keystore. Eclipse already provides GUI interface to create new keystore. And you also can create keystore through command line.

default alias is

androiddebugkey

Answer 4

Better than all options, you can set your signingConfig to be equals your debug.signingConfig. To do that you just need to do the following:

android {
  ...
  buildTypes {
    ...
    wantedBuildType {
      signingConfig debug.signingConfig
    }
  }
}

With that you will not need to know where the debug.keystore is, the app will work for all team, even if someone use a different environment.

Answer 5

Keystore name: "debug.keystore"

Keystore password: "android"

Key alias: "androiddebugkey"

Key password: "android"

I use this information and successfully generate Signed APK.

Answer 6

All these answers and there is STILL just one missing. When you create your auth credential in the Google API section of the dev console, make sure (especially if it is your first one) that you have clicked on the 'consent screen' option. If you don't have the 'title' and any other required field filled out the call will fail with this option.