In this article

    How to extract base64 data from the the certificate

    • Updated
    Follow

    As mentioned in the Client app publishing article, if your app needs to be published outside of Apple’s Appstore, or is being resigned on Android for either production or testing purposes, you will need to provide us with the base64 string of the distribution certificate.

    Here are the steps to get the base64 string of the distribution certificate:

    For iOS

    1. Open the Keychain Access application.
    2. Right click on the certificate to use and select Export…​
    3. Select the file format Certificate (.cer) and save the certificate.
    4. Run the command cat <file> | base64 on the command line (where <file> is the filename of the certificate you just saved).
    5. Copy the output string of the above command in order to provide it to us.

    Alternatively, you can send us the .cer file directly (without the key) and we can do the above for you.

    The reason we require this, is to ensure that your app will be fully secured. Our protection mechanisms do not allow ANY tampering done to the final build, including re-signing or application version change. In order for the re-signing to work, we will whitelist your certificate in the build that we we will provide you.

    For Android

    If the Android app will be resigned for either testing or production purposes, we will need the base64 string of the certificate that will be used for the re-signing.

    The certificate can be exported in one of the following manners, depending on how your certificate is stored:

    Java Keystore
    If your certificate is in a Java Keystore, use the following command to export the certificate:
    keytool -keystore filename.jks -storepass password -alias name -exportcert -rfc

    Existing APK File
    If you have an existing, signed APK, then extract the relevant certificate from the META-INF directory of the APK. The file should have the extension .RSA or .DSA. Then format the certificate using the following OpenSSL command:
    openssl pkcs7 -inform DER -text -print_certs -in file.RSA

    Google Play Signing
    If you are using Google Play signing, make sure to disable "Automatic protection" and then download the app signing key certificate from Google Play and provide it to us. Please see below the instructions:

    1. Log in to Google Play Console (https://play.google.com/console/developers).
    2. Select the app you want to get the certificate for:
      eventspace.png

    3. Open "Test and Release"  > "App Integrity" in the left-side panel:
      test and releaae.png

      Please make sure to disable "Automatic protection":

      Scroll down and locate the "Automatic protection settings", then click on "settings", located in the top right corner, you will be brought to this screen:


      Make sure "Installer check" is disabled, i.e your setting should match the above screenshot.

       

    4. Make sure that under "Services" only "App signing" is enabled (says "Signing by Google Play"):
      signing.png
    5. Scroll down to "Play app signing" and select "Settings":
      play app signing.png
    6. Download the "App signing key certificate" , it should be a "deployment_cert.der" file:
      app signing key certificate.png
    7. Send the file to us.
    Was this article helpful?
    1 out of 1 found this helpful
    Return to top

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.