我可以使用同一个密钥库文件来签署两个不同的应用程序吗?
[英]Can I use the same keystore file to sign two different applications?
问题描述
I have to upload a new application, It's just the design that's a little different.
我必须上传一个新的应用程序,只是设计有点不同。 Yesterday I generated the keystore file to sign application.昨天我生成了密钥库文件来签署应用程序。 Can I use the same?我可以使用相同的吗?
7 个解决方案
解决方案1
105 已采纳 2011-10-07 09:42:57
You can use that keystore for any number of applications.您可以将该keystore用于任意数量的应用程序。
No need to generate a new keystore.无需生成新的密钥库。
解决方案2
47 2014-10-03 20:05:16
I'll make a counter argument to the consensus answer so far.到目前为止,我将对共识答案提出反驳。
I agree that for most app authors most of the time, sharing the same keystore/certificate/password between your apps will work fine.我同意对于大多数应用程序作者来说,在大多数情况下,在您的应用程序之间共享相同的密钥库/证书/密码可以正常工作。 The critical thing is to use " the same certificate throughout the expected lifespan of your applications " so the app can upgrade itself.关键是“ 在应用程序的预期生命周期内使用相同的证书”,以便应用程序可以自行升级。
But I can think of one very good reason to have separate keystores for separate apps or families of apps.但我可以想到一个很好的理由,即为单独的应用程序或应用程序系列拥有单独的密钥库。 If you think you might ever want to sell an app to someone else for them to publish as an upgrade to the original, you'll have to share your one-and-only keystore and password with them to do so.如果您认为您可能想要将应用程序出售给其他人,让他们作为对原始应用程序的升级发布,您必须与他们共享您的唯一密钥库和密码才能这样做。 Probably not a huge issue but a bit of worry to you and, perhaps, a due diligence issue to a big-enough buyer.可能不是一个大问题,但让你有点担心,也许,对于一个足够大的买家来说,这是一个尽职调查问题。
Also, I really don't read the same line in the documentation the same way as @ol_v_er does.另外,我真的不像@ol_v_er 那样阅读文档中的同一行。 I think the current line:我认为当前的行:
You should sign all of your apps with the same certificate throughout the expected lifespan of your applications.
(note the lack of a comma in the current version) is simply emphasizing that the 'lifetime' recommendation applies to all apps, not actually directing you to use the same certificate for all of your apps. (注意当前版本中缺少逗号)只是强调“终身”建议适用于所有应用程序,而不是实际指导您对所有应用程序使用相同的证书。
解决方案3
45 2011-10-07 10:06:09
The official documentation tells us:官方文档告诉我们:
In general, the recommended strategy for all developers is to sign all of your applications with the same certificate, throughout the expected lifespan of your applications.
https://developer.android.com/studio/publish/app-signing.html#considerations https://developer.android.com/studio/publish/app-signing.html#thinkations
So yes, try to sign all of your applications with the same certificate.所以是的,尝试使用相同的证书签署所有应用程序。
解决方案4
24 2016-05-11 21:33:53
I want to add some clarification here, because this question and the answers provided lead to confusion for me.我想在这里添加一些说明,因为这个问题和提供的答案让我感到困惑。 It is crucial to understand what a keystore actually is.了解密钥库实际上是什么至关重要。
A keystore is just a means to securely store the public/private key pair which is used to sign your Android apks.密钥库只是一种安全存储用于签署 Android apk 的公钥/私钥对的方法。 So yes, you can use the same keystore to sign multiple apks, without a problem.所以是的,您可以使用相同的密钥库对多个 apk 进行签名,而不会出现问题。 You can also use the same alias (each alias is a certificate) to sign multiple apks, and it will work.您还可以使用相同的别名(每个别名是一个证书)来签署多个 apk,它会起作用。 It has security implications, however.但是,它具有安全隐患。 If your single alias is compromised, then all of your apps will have been compromised.如果您的单个别名被盗用,那么您的所有应用程序都将被盗用。
However, if you intend to sell the rights to your apps one day, then using the same alias for all of your apps may not be a good idea.但是,如果您打算有一天出售应用程序的权利,那么为所有应用程序使用相同的别名可能不是一个好主意。 However, using the same keystore, provided you use a different alias for each apk, may not necessarily be a bad option.但是,如果您为每个 apk 使用不同的别名,使用相同的密钥库可能不一定是一个糟糕的选择。 I'm sure there is a way that you can move a certificate from one keystore to another, so that you can securely give the necessary keys for only that certificate to your buyer.我确信有一种方法可以将证书从一个密钥库移动到另一个密钥库,以便您可以安全地将仅用于该证书的必要密钥提供给您的买家。
To make it very clear, a keystore is just that, a storage medium for keys.明确地说,密钥库就是密钥的存储介质。 It plays no actual part in the process of signing an apk, but only serves to store the keys which are actually used to sign the apk.它在签署 apk 的过程中没有实际作用,但仅用于存储实际用于签署 apk 的密钥。
References:参考:
Understanding keystore, certificates and alias 了解密钥库、证书和别名
https://www.digitalocean.com/community/tutorials/java-keytool-essentials-working-with-java-keystores https://www.digitalocean.com/community/tutorials/java-keytool-essentials-working-with-java-keystores
解决方案5
5 2011-10-07 09:45:39
Of course!当然! You can use the same keystore file as many times you want.您可以根据需要多次使用相同的密钥库文件。 It's always better to use the same keystore file for all the applications you develop.为您开发的所有应用程序使用相同的密钥库文件总是更好。 That will help if you want to update or modify the application.如果您想更新或修改应用程序,这将有所帮助。 At that time you need to sign your application with the same key.那时您需要使用相同的密钥对您的应用程序进行签名。
解决方案6
3 2016-12-22 09:14:26
I do sign all my apps using the same certificate (keystore).我确实使用相同的证书(密钥库)签署了我的所有应用程序。 This gives an advantage if i change my mind and want my apps to share their data.如果我改变主意并希望我的应用程序共享它们的数据,这将提供一个优势。
As you might know Android identifies each app with an UID.您可能知道 Android 使用 UID 标识每个应用程序。 If all your apps are signed by the same certificate you can request android to assign same user id more than one app and inturn make them run in a single process and share the data.如果您的所有应用程序都由相同的证书签名,您可以请求 android 为多个应用程序分配相同的用户 ID,并反过来使它们在单个进程中运行并共享数据。
From android doc android:sharedUserId来自 android 文档android:sharedUserId
android:sharedUserId
The name of a Linux user ID that will be shared with other applications.
解决方案7
3 2020-10-15 13:38:58
Recent Update最近更新
If you want to enrol in App signing by google you have to use new different key to sign your apk or bundle otherwise after uploading google console will give you error message saying如果您想通过 google注册应用程序签名,您必须使用新的不同密钥来签署您的 apk 或捆绑包,否则在上传 google 控制台后会给您错误消息
You uploaded an APK or Android App Bundle that is signed with a key that is also used to sign APKs that are delivered to users.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.