BASIC! Compiler Custom Certificate Howto
This howto is intended for power users only, it allows you to create your own
certificate in order to sign your Android applications (APKs) with the
Android BASIC! Compiler com.rfo.compiler
.
By following this howto you understand that your private certificate will be
stored unprotected on your Android device in the file
sdcard/com.rfo.compiler/data/key.pk8
aka the unprotected private key.
By using this howto you agree that the protection of your unprotected private key from unwanted access is your responsibility and yours only.
The creator of the BASIC! Compiler com.rfo.compiler
: Mr Nicolas Mougin
(aka mougino) cannot be held liable for any loss or misuse by a third-party of
your unprotected private key.
P0. Install Android Certificate Utilities
All following methods make use of the collection of utilities AndroCertif written by mougino.
First thing to do is to download the zip at http://mougino.free.fr/androcertif.html and unzip it in a folder on your computer.
If you have previously created a Java KeyStore (JKS), using Android Studio or Eclipse or keytool/openssl (or any other utility...) then you can directly go to paragraph P2. Convert your JKS to PEM+PK8.
Else continue to paragraph P1. Create a Java KeyStore.
P1. Create a Java KeyStore
Navigate to the unzipped folder of AndroCertif and double-click on
JKS-MAKER.exe
.
Fill all the fields of information and click Ok, then enter an Alias (can be anything, usually a nickname like "mougino") and a Password (more than 6 characters are needed) and finally save your keystore in a safe folder on your computer.
After successful creation of the JKS, answer "Yes" at the question "Convert to PEM + PK8 ?".
Two files will be created next to your Java KeyStore:
cert.x509.pem
key.pk8
(aka your unprotected private key)
Be very careful to never share these two files with anyone, particularly the unprotected private key which contains private information in clear.
You can now go to paragraph P3. Instal certificate to your Android device
P2. Convert your JKS to PEM+PK8
If you already have a Java KeyStore (JKS), navigate to the unzipped folder of
AndroCertif and double-click on JKS2PEM+PK8.exe
.
Click on the [...]
button under "1. Load the java keystore (jks)" and navigate
to your existing Java KeyStore and open it.
Type its password and press Enter.
If the password is correct, press Enter a second time, or click with the mouse
on the newly enabled button [3. CONVERT TO PEM + PKCS8]
.
Two files have now been created next to your Java KeyStore:
cert.x509.pem
key.pk8
(aka your unprotected private key)
Be very careful to never share these two files with anyone, particularly the unprotected private key which contains private information in clear.
You can now go to the next paragraph P3. Instal certificate to your Android device
P3. Instal certificate to your Android device
Plug your Android device to your computer and navigate to the internal memory
(or sdcard/
) until you're in the folder com.rfo.compiler/data/
.
Copy the two files created previously: cert.x509.pem
and key.pk8
from your
computer to this folder of your Android device.
You're done!
Now all your future compilations with the BASIC! Compiler will make use of your custom certificate instead of the default RFO BASIC! certificate.
P4. Know what certificate your APK was signed with
If you want to check that your APK has been correctly signed with your custom certificate, and not the default one, or if you have a doubt later one with what certificate an APK was signed (yours or a third-party), you can do the following:
First (if needed) plug your Android device to your computer and copy the APK you're interested in to a local folder of your computer.
Then navigate to the unzipped folder of AndroCertif and double-click on
APK-CERT-INFO.exe
.
In the "Open APK" dialog, browse to where the APK is stored. The next window shows you at a glance all the certificate information the APK has been signed with.