unrecognized option -keypass while getting MD5 Fingerprint of Debug Certificate for Google Maps API Key

i used linux ubuntu 10.10....... my android debug.keystore is in the location ~/.android/debug.keystore.

i used the following terminal commands as explained in http://code.google.com/android/add-ons/google-apis/mapkey.html

rakib@rakib-laptop:~/.android$ \
> keytool -list \
> -alias androiddebugkey \
> -keystore "~/.android/debug.keystore" \
> -storepass android \
> -keypass android

and it returns the fol开发者_运维问答lowing error

list: unrecognized option '-keypass'
list: Try 'list -help' for more information

i have no idea why this is not recognizing the option -keypass....... EVERYONE else is using this.

So, thanks to a series of quick participation at StackOverflow.com and at Android-Developer-googleGroup, now the solution is clear..... let me give a rundown of how I resolved it, in case any of you are having a similar problem.

my android developer debug.keystore file is in the following location in my linux

~/.android/debug.keystore

then i cd ~ and followed the steps as mentioned in the Google Projects for Android page for Obtaining a Maps API Key to get the md5 fingerprint of my debug.keystore

rakib@rakib-laptop:~$ \
> keytool \
> -list \
> -alias androiddebugkey \
> -keystore ~/.android/debug.keystore \
> -storepass android \
> -keypass android

but it returned a stupid frustrating error

list: unrecognized option '-keypass'
list: Try 'list -help' for more information

and that's when i started all the forums and discussions etc. but didn't find the right solution. After several forum posts, I figured that my simple call to keytool is referring to an unwanted keytool - a keytool that appears to be from the GNU Compiler for Java. Android rather requires the keytool from Sun/Oracle Java

Hence, i did the following to find out all the instance of different keytool programs that i have in my linux system.

rakib@rakib-laptop:~$ locate keytool

and it gave me the following list

/etc/alternatives/keytool
/etc/alternatives/keytool.1.gz
/home/rakib/java-WTK-2.5.2/bin/mekeytool
/usr/bin/gkeytool-4.4
/usr/bin/keytool
/usr/lib/jvm/java-1.5.0-gcj-4.4/bin/keytool
/usr/lib/jvm/java-1.5.0-gcj-4.4/jre/bin/keytool
/usr/lib/jvm/java-1.5.0-gcj-4.4/man/man1/keytool.1.gz
/usr/lib/jvm/java-6-sun-1.6.0.24/bin/keytool
/usr/lib/jvm/java-6-sun-1.6.0.24/jre/bin/keytool
/usr/lib/jvm/java-6-sun-1.6.0.24/jre/man/ja/man1/keytool.1.gz
/usr/lib/jvm/java-6-sun-1.6.0.24/jre/man/man1/keytool.1.gz
/usr/lib/jvm/java-6-sun-1.6.0.24/man/ja/man1/keytool.1.gz
/usr/lib/jvm/java-6-sun-1.6.0.24/man/man1/keytool.1.gz
/usr/share/man/man1/gkeytool-4.4.1.gz
/usr/share/man/man1/keytool.1.gz
/var/lib/dpkg/alternatives/keytool

Bingo!!! so many keytool instances have been located. now I need to use the one in Java-6-sun JRE. So, cd to that directory as found from the locate keytool command above

rakib@rakib-laptop:~$ cd /usr/lib/jvm/java-6-sun-1.6.0.24/jre/bin/

now that the terminal is inside the java-6-sun/jre/bin directory, i typed the following command - remember that my debug.keystore file was in ~/.android/debug.keystore ?

rakib@rakib-laptop:/usr/lib/jvm/java-6-sun-1.6.0.24/jre/bin$ \
> ./keytool \
> -list -alias androiddebugkey \
> -keystore ~/.android/debug.keystore \
> -storepass android \
> -keypass android

and voila..... that returned the MD5 fingerprint of my android debug certificate that i was looking for.

androiddebugkey, Mar 19, 2011, PrivateKeyEntry, 
Certificate fingerprint (MD5): 08:A6:77:9C:97:66:CA:00:B9:6B:82:6B:37:64:B8:14

Notice that when i was typing keytool command from the java-6-sun/jre/bin folder, you must not write JUST "keytool". you must instead write "./keytool" - with a period and a slash to imply that you are referring to the keytool inside the current directory where the terminal is.

rakib@rakib-laptop:~$ WooooooHooooooooooooooo!!!!!

PostNote: this problem of executing the wrong keytool was happening because my java-6-sun JRE was not the default java environment in my ubuntu. rather my GNU java compiler was set as the default java environment. in order to change the default Java environment in your linux machine, see the Ubuntu Community Help for Java

Your keytool appears to be from the GNU Compiler for Java. Android requires the Sun/Oracle Java, though OpenJDK may work for you as well. Try using the keytool from a supported Java environment.

Try this:

keytool -list -alias androiddebugkey -keystore .android/debug.keystore

You have not insert a pwd if it isn't configured.

I hope this will help you.

You all are missing the fact that this is a documentation bug.

Keytool's -list command does not accept the -keypass argument. It is not needed, as -list does not access the private key in any way.

If you call 'keytool' with no arguments, it tells you:

-list [-v | -rfc] [-protected] [-alias ] [-keystore ] [-storepass ] [-storetype ] [-providername ] [-providerclass [-providerarg ]] ... [-providerpath ]

Note: no -keypass

This is a documentation bug at: http://code.google.com/android/add-ons/google-apis/mapkey.html

The reason it works when you switch to using Sun/Oracle's keytool is that version does not signal an error in this case. But as you can see above -- it also specifically does not use it.

Public key cryptography is based on standards. So long as any tool can access Java's non-standard keystore format (or if you use a standard one such as PKCS12), you should be able to use that tool for any task involving actual signing, and any MD5 fingerprint you can coax a tool to show you should be equivalent.

Don't supply bogus arguments, and you should be fine with whatever keytool you end up with.

Edit: Note that it DOES accept the -storepass argument. If you have encrypted your entire keystore, and you don't supply the encryption password, then it will not understand your keystore and you'll get an error. You can supply it either with -storepass password or you can supply it on the command line when prompted. Just typing Enter when a password has been set will of course not work.

By contrast, -keypass supplies the password for a private key. It is used only in commands that actually access the private key, such as for signing.