Getting certificate details from an apk
AndroidCertificateSigningAndroid Problem Overview
How do I go about getting the details of the certificate an apk was signed with. I have a bunch of apks signed with different certificates and I am trying to group them based on their certificate.
I can get the certificate expiry details using the jarsigner and complete my task but I was curious if I can get any more details or extract the public key ( I believe it stored in META-INF/cert.RSA but it's not readable )
Android Solutions
Solution 1 - Android
Try the following:
openssl pkcs7 -inform DER -in CERT.RSA -noout -print_certs -text
Solution 2 - Android
unzip -p Name-of-apk.apk META-INF/CERT.RSA | keytool -printcert
is what I used .
It produces information such as the owner, issuer, serial number, valid through, certificate fingerprints, signature algorithms and version.
Solution 3 - Android
The easiest of all:
keytool -printcert -jarfile file.apk
This also works for Android App Bundles (.aab)
Solution 4 - Android
Based on the existing answers, here's the command line for on-the-fly usage of openssl
(unzip & pipe the cert instead of defining an -infile
option):
unzip -p App.apk META-INF/CERT.RSA |openssl pkcs7 -inform DER -noout -print_certs -text
Solution 5 - Android
without unpacking you can use ApkSigner from Android SDK and following:
apksigner.jar verify --print-certs myApplication.apk