Im having trouble to get the md5 hash (ascii) from my keystore, I just get a hex fingerprint but don't know how to get the right ascii md5 to put on facebook android app.
I just read a lot about using jdk 1.6 but I get the same result.
Regards
You should post more on what you have so far, but this is the instructions I always use to get my key hash:
You should verify that ~/.android/debug.keystore exists, and that keytool and openssl is installed on your machine.
Run the following command in a terminal:
keytool -exportcert -alias MY_ALIAS_HERE -keystore ~/path/to/my/android.keystore | openssl sha1 -binary | openssl base64
and when prompted for the pw, type android.
If it still doesn't work don't worry! Our documentation also provides another alternative by following this tutorial:
Enable debugging in our Android SDK by modifying Util.java:
private static boolean ENABLE_LOG = true;
Follow steps 6.1 to 6.3, which is mainly just making sure your app has permission to access the Internet, and SSO enabled.
Build and run the app on your phone or emulator. You should not see the permissions dialog because you did not input the application signature in your app's dashboard. Check the Android SDK debug logs via logcat (since you enabled logging in step 1), and look at your log entries for an entry with ''Android key mismatch''. This error will also provide you with the key that was sent to Facebook. Note the key's value and enter it into your Facebook app settings and make sure to save your settings.
Turn off debugging once SSO completes successfully by modifying Util.java:
private static boolean ENABLE_LOG = false;
Let me know if that helps!
Related
Background:
I let Google Play Store manage my key singing. Therefore, when creating a signed bundle in Andriod Studio I have to use the key I gave over to Google. Otherwise, when uploading the .aab Google notifies me, that the "App Bundle is signed with the wrong key". So I had to:
keytool -list -v -keystore keystorefile.jks
through all the keystore files to find the key I inititially gave over to Google.
Now following issue aroused:
When generating the signed bundle in Andriod Studio with the key that had the right signature. Andriod Studio was giving me following error message
trusted certificate entries are not password-protected
I learned here that the issue may be that the entry of the key I am using is not PrivateKeyEntry but trustedCertEntry. So I checked the entry of the key by using again the above keytool command. And yes, my key entry is trustedCertEntry.
OK, in the meantime I understood: you cannot turn a trustedCertEntry into a PrivateKeyEntry. You have to find the key with the PrivateKeyEntry - the private key.
Therefore I kept searching all my keystore with the keytool command above to finally find the one private key that has the right signature.
No further questions from my side. Back up your keys!
Trying to do a project with spring and cyphering the password. In http://cloud.spring.io/spring-cloud-config/single/spring-cloud-config.html#_encryption_and_decryption
There is at least one issue there as key-store is called keystore but I haven't found someplace without that same issue to base my work on.
Only similar issue I found is
unable to decrypt from spring config server / cleint
but there are no responses there.
I have done the following
Installed Full-strength JCE
Added this dependancy to the pom
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-rsa</artifactId>
I have two concerns. First I am trying to get it to work in Spring CLI like this:
1.- Create a key
keytool -genkeypair -alias mytestkey -keyalg RSA -dname "CN=Web Server,OU=Unit,O=Organization,L=City,S=State,C=US" -keypass letmein -keystore server.jks -storepass letmein
2.-Encrypt something as following works but I then will be able to decrypt it without using the password so I think that defeats the purpose.
spring encrypt mysecret --key #server.jks TEST
How are the commands for encrypting and decrypting suppose to be using the password?
I haven't been able to get it to work on my project but I believe the issue is center around how I created the key. I have configured the following in case someone sees another mistake.
Relevant part of my boostrap.yml
encrypt:
key-store:
location: server.jks
password: letmein
alias: mytestkey
secret: letmein
Relevant part of my application.yml
test:'{cipher}EncryptedValue got by Step 2'
This gets me the following error
Caused by: java.lang.UnsupportedOperationException: No decryption for FailsafeTextEncryptor. Did you configure the keystore correctly?
We have had some similar problems and were able to decrypt after using a later version of the jdk. I think it was specifically jdk-8u-151 that was giving us problems. Upgrading to a later jdk fixed the issue. Hope that helps!!
I found this in the netbeans IDE:
I was pretty excited because up until this point I've been code signing my JavaFX projects like this:
<fx:signjar keystore = "${comodo.key.store}"
alias = "${comodo.key.alias}"
storetype = "PKCS12"
keypass = "${comodo.key.pass}"
storepass = "${comodo.key.storepass}"
jar = "${JFX.build.dir}/${JFXProject.name}.jar"
destdir = "${JFX.sign.dir}"/>
Which is fine. I mean, it works great and all and there's nothing wrong with it but I would really love to be able to use the Netbeans API code signer interface directly rather than drop the XML into the build file. I filled in the information in the way that seemed correct by taking the values I had in place in the XML and putting them into the interface but it didn't work and I got an error:
Going to create default keystore in "/*Not saying but it was the file name*/"
Generating Key for 3d637e48-f0d8-11e3-825a-20cf305e6ed4
keytool error: java.io.IOException: Invalid keystore format
This shouldn't even need to happen should it? I mean, I've been using this certificate for a while directly in the ant script for a while with no problem, so why is it happening now?
A bit more information: this is a Comodo certificate (if that helps).
What am I doing wrong here?
I uploaded my fully working app on Google Play and when download it from there, facebook login doesn't work!! I properly configure my facebook app and works with eclipse environment. After searching, it can be done due to facebook key hashes. However, I obtained it like:
How to generate Key Hash for facebook SDK In Mac
Seems that a key hash for distribution must be also obtained... but how? Thank you.
Alternative 1:
Use this with the app signed with your release key. Not the one that is deployed from Eclipse.
Run this piece of code in the first Activity of your app:
try {
PackageInfo info = getPackageManager().getPackageInfo(
"YOUR_PACKAGE_NAME", PackageManager.GET_SIGNATURES);
for (Signature signature: info.signatures) {
MessageDigest md = MessageDigest.getInstance("SHA");
md.update(signature.toByteArray());
Log.e("FACEBOOK APP SIGNATURE", Base64.encodeToString(md.digest(), Base64.DEFAULT));
}
} catch (Exception e) {
// TODO: handle exception
e.printStackTrace();
}
This line: Log.e("FACEBOOK APP SIGNATURE", Base64.encodeToString(md.digest(), Base64.DEFAULT)); will log the Key Hash in DDMS.
Alternative 2:
Download OpenSSl for Windows and extract the .zip to a simple location like: c:\openssl with all the contents of the zip extracted in this folder's root.
Copy your signing key file to your JRE installation's bin folder. For example, in my case: C:\Program Files\Java\jre7\bin
While in the bin folder where you copied the signing key, Press SHIFT+ Right Click -> Open command window here.
Run this command: keytool -exportcert -alias YOUR_ALIAS -keystore YOUR_SIGNING_KEY > c:\openssl\bin\debug.txt
Enter your password for the signing key
Now, navigate to the c:\openssl\bin folder and type in the following commands:
openssl sha1 -binary debug.txt > debug_sha.txt
And then,
openssl base64 -in debug_sha.txt > debug_base64.txt
Done! The debug_base64.txt contains your Key Hash. Copy this in your app console and you are all set.
In my experiece, both the methods have given me the correct Key Hash. However, in a few cases (rather random ones), the first alternative did not give the correct Key Hash while the second alternative has always worked. See which works for you.
While generating release Hash key, Note this
When generating the hash key for production you need to use openssl-0.9.8e_X64.zip on windows, you cannot use openssl-0.9.8k_X64.zip
The versions produce different hash keys, for some reason 9.8k does not work correctly... 9.8e does.
OR
Use this below flow
This is how I solved this problem
Download your APK to your PC in java jdk\bin folder
in my case C:\Program Files\Java\jdk1.7.0_121\bin
go to java jdk\bin folder and run cmd then
copy the following command in your cmd
keytool -list -printcert -jarfile yourapkname.apk
Copy the SHA1 value to your clip board
like this CD:A1:EA:A3:5C:5C:68:FB:FA:0A:6B:E5:5A:72:64:DD:26:8D:44:84
and open Hex To Base 64 to convert your SHA1 value to base64.
Try this solution, for me I was getting the same error, but working fine now after trying hours.
Login Error: There is an error in logging you into this application. Please try again later
We have signed a JAR file using a certificate generated by MS Active Directory Certificate Services. However, when accessing it via Java Web Start we are getting the prompt that the digital signature cannot be verified even though we've installed the root CA into the certificate store on the client machine.
Now trying to look at the root CA on the client machine, using "keytool -list", I'm seeing an exception (invalid URI:file://\my_msadcs_server\path\to\CRL.crl). So now I'm not sure exactly what is going wrong.
Anyone have a suggestion or sample Java code on how I can test the downloaded JAR file's signature on the client machine in an attempt to figure out exactly why JWS is complaining? It could be that the root CA certificate has a problem (and I will chase down that avenue when my AD admin gets in) but I'd like to rule out other possibilities first. Currently the only thing I have to go on is the exception from "keytool -list", but keytool had no issues importing the root CA certificate in the first place.
Thanks in advance!,
mG.
I use jarsigner with the -verify, -verbose and -certs options. You may have to specify your -keystore, too.
I think the invalid URI message is a clue. Java file URI takes the following form: file://host/path