I am getting following results:
C:\Program Files\Java\jdk1.7.0\bin>keytool -list -alias androiddebugkey -keystor
e "C:\Documents and Settings\Administrator.android\debug.keystore" -storepass a
ndroid -keypass android
androiddebugkey, May 27, 2011, PrivateKeyEntry,
Certificate fingerprint (SHA1): "Some Code"
But after entering this in http://code.google.com/android/maps-api-signup.html for getting MAP API it is showing invalid fingerprint.
Can you please guide me is the fingerprint I have got is correct or not. Because I am getting it as SHA1 and not MD5. How can I get API key??
keytool -v -list -alias alias_name -keystore my-release-key.keystore
With JDK 1.7 installed, keytool outputs by default SHA1 fingerprint, not MD5. Adding -v option allows to see MD5 as well.
Please update the page with this info, many devs are having problems trying to get a maps key.
http://code.google.com/p/android/issues/detail?id=19035
After entering key add ; and your application package name
eg. sha1 code blablabla;com.example and then generate the key.
Happy coding....
also check this tutorial and recheck steps you followed it worked for me....
Related
I got this error code
E/flutter (24478): [ERROR:flutter/lib/ui/ui_dart_state.cc(166)] Unhandled Exception: PlatformException(sign_in_failed, com.google.android.gms.common.api.ApiException: 10: , null)
and tried many options
reinstall the google service file;
re generate the debugstore, and reinstall the SHA1 and SHA256 certificates
build different apps with similar login method:
final GoogleSignInAccount googleSignInAccount = await googleSignIn.signIn();
So far no one option success. :(
finally I found out myself that the debug key was not generated correctly, and I used the wrong SHA1. After finding out the debug keystore location, and generated the key accordingly, the problem resolved.
PS D:\sam_flutter_project\pictorial_groupbuy_v3> keytool -list -v -alias androiddebugkey -keystore "C:\Users\notebook.android\debug.keystore"
I am trying to use google maps in my xamarin.forms application. when I run the application, I get the message saying that there are deployment errors
2>C:\Program Files\Java\jdk1.8.0_161\\bin\jarsigner.exe -keystore "C:\Users\e245737\AppData\Local\Xamarin\Mono for Android\debug.keystore" -storepass android -keypass android -digestalg SHA1 -sigalg md5withRSA -signedjar bin\Debug\\com.test.and-Signed-Unaligned.apk C:\VisualStudioMobileApplication\and\and\and.Android\obj\Debug\android\bin\com.test.and.apk androiddebugkey
2>No -tsa or -tsacert is provided and this jar is not timestamped. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2048-02-09) or after any future revocation date.
2>C:\Program Files (x86)\Android\android-sdk\build-tools\27.0.3\zipalign.exe 4 "C:\VisualStudioMobileApplication\and\and\and.Android\bin\Debug\com.test.and-Signed-Unaligned.apk" "bin\Debug\\com.test.app1-Signed.apk"
2>Unexpected install output: pkg: /data/local/tmp/com.test.app1-Signed.apk
2>Failure [INSTALL_PARSE_FAILED_MANIFEST_MALFORMED]
My package name is all lower case. Below is the name.
com.test.app1
I am not sure about this below error:
No -tsa or -tsacert is provided and this jar is not timestamped. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2048-02-09) or after any future revocation date.
My androidManifest.xml file looks like this:
my properties file looks like this:
any help will be appreciated.
As per documentation to enable cluster metrics, I should create re-encrypting route as per the below statement
$ oc create route reencrypt hawkular-metrics-reencrypt \
--hostname hawkular-metrics.example.com \
--key /path/to/key \
--cert /path/to/cert \
--ca-cert /path/to/ca.crt \
--service hawkular-metrics
--dest-ca-cert /path/to/internal-ca.crt
What exactly should I use for these keys and certificates?
Are these already exists somewhere or I need to create them?
Openshift Metrics developer here.
Sorry if the docs were not clear enough.
The route is used to expose Hawkular Metrics, particularly to the browser running the OpenShift console.
If you don't specify any certificates, the system will use a self signed certificate instead. The browser will complain that this self signed certificate is not trusted, but you can usually just click through to accept it anyways. If you are ok with this, then you don't need to do any extra steps.
If you want the browser to trust this connection by default, then you will need to provide your own certificates signed by a trusted certificate authority. This is exactly similar to how you would have to generate your own certificate if you are running a normal site under https.
From the following command:
$ oc create route reencrypt hawkular-metrics-reencrypt \ --hostname hawkular-metrics.example.com \ --key /path/to/key \ --cert /path/to/cert \ --ca-cert /path/to/ca.crt \ --service hawkular-metrics --dest-ca-cert /path/to/internal-ca.crt
'cert' corresponds to your certificate signed by the certificate authority
'key' corresponds to the key for your certificate
'ca-cert' corresponds to the certificate authorities certificate
'dest-ca-cert' corresponds to the certificate authority which signed the self signed certificate generated by the metrics deployer
The docs https://docs.openshift.com/enterprise/3.2/install_config/cluster_metrics.html#metrics-reencrypting-route should explain how to get the dest-ca-cert from the system
First of all and as far as I know, note that using a re-encrypting route is optional. The documentation mentions deploying without importing any certificate:
oc secrets new metrics-deployer nothing=/dev/null
And you should be able to start with that and make hawkular working (for instance you'll be able to curl with '-k' option). But re-encrypting route is sometimes necessary, some clients refuse to communicate with untrusted certificates.
This page explains what are the certificates needed here: https://docs.openshift.com/enterprise/3.1/install_config/cluster_metrics.html#metrics-reencrypting-route
Note that you can also configure it from the web console if you find it more convenient: from https://(your_openshift_host)/console/project/openshift-infra/browse/routes , you can create a new route and upload the certificate files from that page. Under "TLS termination" select "Re-Encrypt", then provide the 4 certificate files.
If you don't know how to generate self-signed certificates you can follow steps described here: https://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/ . You'll end up with a rootCA.pem file (use it for "CA Certificate"), a device.key file (or name it hawkular.key, and upload it as private key) and a device.crt file (you can name it hawkular.pem, it's the PEM format certificate). When asked for the Common Name, make sure to enter the hostname for your hawkular server, like "hawkular-metrics.example.com"
The final one to provide is the current self-signed certificate used by Hawkular, under so-called "Destination CA Certificate". OpenShift documentation explains how to get it: run
base64 -d <<< \
`oc get -o yaml secrets hawkular-metrics-certificate \
| grep -i hawkular-metrics-ca.certificate | awk '{print $2}'`
and, if you're using the web console, save it to a file then upload it under Destination CA Certificate.
Now you should be done with re-encrypting.
I've deployed Keycloak on WildFly 10 via Docker. SSL support was enabled via cli. Final standalone.xml has:
<security-realm name="UndertowRealm">
<server-identities>
<ssl>
<keystore path="keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="changeit"
alias="mydomain" key-password="changeit"/>
</ssl>
</server-identities>
</security-realm>
Undertow subsystem:
<https-listener name="default-https" security-realm="UndertowRealm"
socket-binding="https"/>
Key was generated and placed in $JBOSS_HOME/standalone/configuration
keytool -genkey -noprompt -alias mydomain -dname "CN=mydomain,
OU=mydomain, O=mydomain, L=none, S=none, C=SI" -keystore
keycloak.jks -storepass changeit -keypass changeit
Port 8443 is exposed via Docker.
Accessing https://mydomain:8443/ in chrome results in ERR_CONNECTION_CLOSED. Firefox returns "Secure Connection Failed, the connection was interrupted..."
However, OpenSSL client works nicely:
openssl s_client -connect mydomain:8443
Input:
GET / HTTP/1.1
Host: https://mydomain:8443
This returns the Keycloak welcome page.
So clearly WildFly is working but I am being blocked by the browsers for whatever reason. What could this reason be? I was under the impression that I should be able to add an exception for self signed certificate in either browser. Maybe the generated key length is too short or maybe I am hitting some other security constraint imposed by Firefox/Chrome?
Using these parameters in keytool solved the problem: -keyalg RSA -keysize 2048
... -dname "CN=mydomain
The certificate is probably malformed. The Browsers and other user agents, like cURL and OpenSSL, use different policies to validate a end-entity certificate. The browser will reject a certificate if the hostname is in the Common Name (CN), while other user agents will accept it.
The short answer to this problem is, place DNS names in the Subject Alternate Name (SAN), and not the Common Name (CN).
You may still encounter other problems, but getting the names right will help immensely with browsers.
However, OpenSSL client works nicely:
openssl s_client -connect mydomain:8443
OpenSSL prior to 1.1.0 did not perform hostname validation. Prior version will accept any name.
cURL or Wget would be a better tool to test with in this case.
For reading on the verification you should perform when using OpenSSL, see:
SSL/TLS Client
For reading on the rules for hostnames and where they should appear in a X509 certificate, see:
How do you sign Certificate Signing Request with your Certification Authority?
How to create a self-signed certificate with openssl?
I develop facebook integration with android. App is running in build mode its working fine but while run in realise mode app is not working. How can i resolve this problem? I got error " Invalid Key Hash XXXXXXXXXXX does not match any stored key hashes .
For people looking for answer:
We need to add both- release and debug keys under your project in Facebook developer site.
Here are the steps I followed:
create keystore by running this command:
...\Java\jdk1.7.0_01\bin>keytool -exportcert -likeytool -genkey -v -keystore <APP_NAME>.keystore -alias <APP_NAME> -keyalg RSA -validity 999999
You have already added the debug key. Now generate a release key and add it under you project.
..\Java\jdk1.7.0_01\bin>keytool -exportcert -alias -keystore .keystore file> | openssl sha1 -binary | openssl base64
Sign your app in the release mode.