Certificate chain not found, how to fix and publish to Google Play Store?

Question

ERROR MESSAGE:

jarsigner: Certificate chain not found for: project_foo.<br/>
project_foo must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

QUESTION: How do I include a public key certificate chain to address the error?

BACKGROUND: The App Developer has completed an Android app and delivered an unsigned APK called Foo.apk. My objective is to sign and zipalign the APK in preparation for uploading it to the Google Play store. My keystore is located at C:\Path\.keystore on a Windows machine.

COMMAND LINE, my command:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore C:\Path\\.keystore Foo.apk project_foo

COMMAND LINE, response:

Enter Passphrase for keystore:
jarsigner: Certificate chain not found for: project_foo.<br/>
project_foo must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

ALSO TRIED: Verified that I remember the correct password. Using 'keytool -list' from the command line shows me the expected list (it includes one private key).

PREVIOUS OS QUESTION: certificate chain not found asked using a .cer file from Verisign. I have no similar file available.

OTHER INFORMATION: Windows 7 machine, using standard Windows command prompt.

Yes, I suppose it is my first app. I uploaded an earlier version of this same product as a Beta to the Play Store. Now we have a Release Candidate version that I want to upload as beta and promote to Production if testing passes. — campbellwarren, May 20 '14 at 03:33
Yes I generated my own. Did I need to start with a public key certificate? — campbellwarren, May 20 '14 at 03:37
Instead if signing via command line, try in `Eclispe >> Your Project >> Right Click >> Export >> Android ... >> .. >> Existing >> ...` this will take a min or two. — VenomVendor, May 20 '14 at 03:37
I faced this issue when the alias name is not matching with filename. Try using same name for file as well as alias. — Pankaj Shinde, Dec 20 '20 at 12:47

score 141 · Accepted Answer · answered May 20 '14 at 02:56

141

keytool -keystore formconnect.keystore -list -v

You can use this command to find out your alias name after you have generated your key.

First line of execution contains the Alias name: <value> If keytool is used then alias name might be "mykey".

Use that alias name while packaging the application.

answered May 20 '14 at 02:56

Umit Kaya

5,771
3
38
52

Yes, thank you. I remember the alias name, as well as I am able to see it from the keytool -list. – campbellwarren May 20 '14 at 03:35
mark to correct answer its resolved my problem too :) – dmh Jan 05 '18 at 08:42
1

Worked for me too. For people using this command, you need to mention your `keystore` filename in `formconnect.keystore` in `keytool -keystore formconnect.keystore -list -v`. – nice_dev Apr 17 '19 at 12:50

score 16 · Answer 2 · answered May 13 '16 at 01:09

i had the same issue my commands were

to generate key

 keytool -genkey -v -keystore testapp-key.keystore -alias testapp-key -keyalg RSA -keysize 2048 -validity 10000

and then i did this to sign the app

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore testapp-key.keystore testapp.apk testapp

i got this error

jarsigner: Certificate chain not found for: testapp.<br/>
project_foo must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

then i replaced the alias 'testapp' in the jarsignir command with the key alias that is 'testapp-key' it is in first command i.e. key generation command

the command will look like this

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore testapp-key.keystore testapp.apk testapp

in your case it will be like this

 jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore C:\Path\\.keystore Foo.apk your-key-alias

score 3 · Answer 3 · answered May 21 '14 at 00:01

The Developer on our team proposed the solution that fixed the problem. Previously I had copied the Foo.apk into the directory with the jarsigner.exe and tried to run it there. He proposed:

Set the PATH environment variable so Windows can find the jarsigner executable.
Move the Foo.apk to the path where the keystore was located.
Run the command below (without using a path to find the keystore).

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore .keystore Foo.apk project_foo

It works! Removing the necessity to specify file path for the keystore fixed the problem.

Yes, this worked for a Linux signing operation as well, step 2, move everything into the same directory. Thanks! — Hugh Barnard, Sep 17 '15 at 09:34

score 2 · Answer 4 · answered Dec 30 '17 at 13:20

2

add release unsigned.apk folder path

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore keystorename.keystore .....\platforms\android\build\outputs\apk\android-release-unsigned.apk aliasname

it's work for me !!

answered Dec 30 '17 at 13:20

Dhanashri Dhoke

41
1

so we can upload the generated file to playstore? – Ahmad Arslan Jul 16 '18 at 07:43

score 0 · Answer 5 · answered Dec 23 '19 at 22:47

If you are trying to sign your .aab or .apk ,from Android Studio but keep getting this error even though you are doing everything right, here is the solution that worked for me: Go to search and find Command Prompt. Run it as Administrator. Now Type this line.

"C:--->Your Path To jarsiner<---\jdk1.8.0_192\bin\jarsigner" -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore "C: **--->Your Path To the Keystore<---**\Desktop\OfficalBuilds\MyKey.keystore" "C:**--->Your Path To the .apk Or .aab<---**\Desktop\MyFinalBuild.aab"  "My Alias "

If you tried the above solutions,you will notice now the alias is typed inside " ". Also sometime there is a space at the end "My Alias "

Certificate chain not found, how to fix and publish to Google Play Store?

5 Answers5

Linked