JDK 7 changes keytool output

Question

I'm using keytool of JDK to generate the Google Maps API key fingerprint. While being rejected for several times, I realized that I've upgraded JDK to 1.7 recently. So I switch my dir to JDK6 (Thank god, the old version remains.), and repeated the same command:

D:\.android>"C:\Program Files\Java\jre6\bin\keytool" -list -alias androiddebugkey -keystore debug.keystore -storepass android -keypass android

and Bang! It works. Turned out that JDK7 generated the SHA1 fingerprint instead of MD5, which leads to the rejection of my submission to Google. So I'm wondering why this happens for the new version of JDK. Any one have some clues?

Answer 1

The keytool command has the parameter -keyalg that takes an algorithm name and generates the key according to that algorithm. As far as I understand, it just means that the default algorithm for that command has changed.

I do not know whether it is a conscious choice or a bug - you may want to report it to Oracle.

Answer 2

keytool.exe -v provides you different fingerprints, such as MD5 etc.

exampl: C:[jedk path]\bin\keytool.exe" -v -list -keystore "C:\Document s and Settings\Administrator.android\debug.keystore"

Answer 3

To elaborate on the accepted answer:

With JDK 1.7 I was having Authorization failure issues. I finally figured out how to generate the right debug keystore, using SHA1. Here's the command I used:

keytool -genkey -v -keyalg RSA -sigalg SHA1withRSA -keystore "%USERPROFILE%\.android\debug.keystore" -storepass android -alias androiddebugkey -keypass android -dname "CN=Android Debug,O=Android,C=US"

After generating it, you can see it by using the command:

keytool -list -v -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey -storepass android -keypass android

The Signature algorithm should now read "SHA1withRSA". Copy the SHA1 fingerprint and paste it in the Google console "Key for Android apps", and you should be good to go.

Answer 4

Use -digestalg SHA1 -sigalg MD5withRSA with jarsigner.