Topic: How to verify the APK signing certificate fingerprint? (linux) (Read 154 times)

brand new
Activity: 0
Merit: 0
To verify the APK signing certificate fingerprint on Linux, you can use the `keytool` command, which is part of the Java Development Kit (JDK). Here's a step-by-step guide:

1. **Extract the certificate from the APK**:
   First, you need to extract the certificate from the APK file. You can do this using the `unzip` command to locate the `META-INF` directory within the APK, which contains the certificate files.

   ```sh
   unzip -p your_app.apk META-INF/CERT.RSA > CERT.RSA
   ```

   Replace `your_app.apk` with the name of your APK file. The `CERT.RSA` file name might differ depending on how the APK was signed. It could be named `CERT.SF` or `MANIFEST.MF`.

2. **Use `keytool` to print the certificate fingerprint**:
   Now that you have extracted the certificate, use the `keytool` command to print the fingerprint.

   ```sh
   keytool -printcert -file CERT.RSA
   ```

   This command will output the certificate details, including the fingerprint.

Here's the entire process summarized in a script:

```sh
#!/bin/bash

APK_FILE="your_app.apk"
CERT_FILE="CERT.RSA"

# Extract the certificate from the APK
unzip -p "$APK_FILE" "META-INF/$CERT_FILE" > "$CERT_FILE"

# Print the certificate fingerprint
keytool -printcert -file "$CERT_FILE"
```

Replace `your_app.apk` with the name of your APK file and `CERT.RSA` with the correct certificate file name if it differs.

### Explanation:
- **unzip -p**: Extracts the file to standard output.
- **keytool -printcert -file**: Prints the certificate information, including the fingerprint.

The fingerprint can be of different types (SHA-1, SHA-256). The `keytool` output will display these, typically under the "SHA1" and "SHA256" labels.

If you don't have `keytool` installed, you may need to install the JDK. On most Linux distributions, you can install it using the package manager. For example, on Ubuntu:

```sh
sudo apt update
sudo apt install default-jdk
```

This will install the default JDK, which includes the `keytool` utility.
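
Added example (not part of the original post): reading the fingerprint by eye is error-prone, so this sketch parses the "SHA256" line of `keytool -printcert` output and compares it with a pinned value regardless of colons, spaces or letter case. The function names `fp_normalize`, `fp_from_keytool` and `fp_check` are hypothetical, the sample output is constructed, and the expected fingerprint is assumed to come from the publisher through a channel other than the APK download.

```sh
#!/bin/bash
# Added example: check keytool's SHA-256 fingerprint against a pinned value.

# Normalize a fingerprint: drop colons and whitespace, uppercase the hex.
fp_normalize() {
    printf '%s' "$1" | tr -d ': \t\r\n' | tr 'a-f' 'A-F'
}

# Read `keytool -printcert` output on stdin; print the normalized SHA-256
# fingerprint, or return 1 if no well-formed "SHA256:" line is present.
fp_from_keytool() {
    local raw fp
    raw=$(sed -n 's/^[[:space:]]*SHA256:[[:space:]]*//p' | head -n 1)
    fp=$(fp_normalize "$raw")
    case "$fp" in
        ""|*[!0-9A-F]*) return 1 ;;   # empty or non-hex: reject
    esac
    [ "${#fp}" -eq 64 ] || return 1   # SHA-256 is 32 bytes = 64 hex digits
    printf '%s\n' "$fp"
}

# fp_check EXPECTED: exit 0 on match, 1 on mismatch, 2 if nothing to compare.
fp_check() {
    local expected actual
    expected=$(fp_normalize "$1")
    actual=$(fp_from_keytool) || { echo "no SHA256 fingerprint in input" >&2; return 2; }
    if [ "$actual" = "$expected" ]; then
        echo "OK: fingerprint matches"
    else
        echo "MISMATCH: certificate has $actual" >&2
        return 1
    fi
}

# Constructed sample of keytool output (not a real certificate).
SAMPLE_KEYTOOL_OUTPUT='Owner: CN=Example Signer
Certificate fingerprints:
     SHA1: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33
     SHA256: 0F:1E:2D:3C:4B:5A:69:78:87:96:A5:B4:C3:D2:E1:F0:0F:1E:2D:3C:4B:5A:69:78:87:96:A5:B4:C3:D2:E1:F0
Signature algorithm name: SHA256withRSA'

# Real use, with the file extracted in the steps above:
#   keytool -printcert -file CERT.RSA | fp_check "$EXPECTED_SHA256"
printf '%s\n' "$SAMPLE_KEYTOOL_OUTPUT" |
    fp_check "0f1e2d3c4b5a69788796a5b4c3d2e1f00f1e2d3c4b5a69788796a5b4c3d2e1f0"
```

A non-zero exit status lets the check gate an install script instead of relying on someone reading the output.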
newbie
Activity: 1
Merit: 0
Hi btctalk!

I'm stumped on how to "import GPG key" on this apk file.  I'm on linux and been trying for a couple days.

https://github.com/Blockstream/green_android

Can anyone point me to a resource to accomplish this?


Thank you!

Hello,

To import a GPG key for the APK file from the GitHub repository "Blockstream/green_android" on Linux, follow these steps:

Download the repository's GPG key: gpg --recv-keys

Verify the APK signing certificate fingerprint:

jarsigner -verify -verbose -certs

For detailed instructions and troubleshooting, refer to the repository's documentation or GPG and APK signing guides online.




jr. member
Activity: 44
Merit: 22
I really appreciate the help, vv181! I looked at a lot of places for help except Blockstream's articles.
I thought it would be simpler if they just put the code on their github page.

Thank you!
legendary
Activity: 1932
Merit: 1273
As shown at https://help.blockstream.com/hc/en-us/articles/900002174043-How-do-I-verify-the-Blockstream-Green-binaries-, you can do:
Code:
$ gpg --keyserver keyserver.ubuntu.com --recv-keys "04BE BF2E 35A2 AF2F FDF1 FA5D E7F0 54AA 2E76 E792"

If it fails, try:
Code:
$ gpg --verbose --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys "04BE BF2E 35A2 AF2F FDF1 FA5D E7F0 54AA 2E76 E792"
jr. member
Activity: 44
Merit: 22
Hi btctalk!

I'm stumped on how to "import GPG key" on this apk file.  I'm on linux and been trying for a couple days.

https://github.com/Blockstream/green_android

Can anyone point me to a resource to accomplish this?

Thank you!