•  06-10-2022
  •  | 
  •  

Question

I have a keystore (keytool key storage), which is used for signing .apk's from Eclipse-ADT. Due to the extremely annoying password requests at each export, I'm trying to figure out how to avoid reentering password.

My current options are:

  • by using Perl/X1::::XTEST, automate password entering (insecure)
  • hack Eclipse to cache passwords (potentially insecure, explicit timeloss)
  • remove keystore password, which seems to be the best possible idea

Attempt to set empty password failed:

>> keytool -keystore /work/X/googleplay.key -alias X -keypasswd
Enter keystore password:  
New key password for <X>: 
Password is too short - must be at least 6 characters
New key password for <X>: 
Password is too short - must be at least 6 characters
New key password for <X>: 
Password is too short - must be at least 6 characters
keytool error: java.lang.Exception: Too many failures - try later
Was it helpful?

Solution

JKS keystores can't be used without a password. The best option is to pass your keystore password on the command line somehow - for example, instead of using the ADT to sign your files, trigger an ant build like in this answer.

If you really want to have a passwordless keystore your only option is to write your own implementation of KeyStore (although you still have to be able to tell your signing tools to use it) - see the Oracle documentation for more details.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top