Got a certificate to sign the android unsigned release apk files, So I imported the cer using command:

keytool -import -alias alias_name -file cer_name.cer -storepass changeit  -keystore my_keystore.keystore

But when signing the app with android studio it produces error:

Error:Execution failed for task ':packageDebug'.
> com.android.ide.common.signing.KeytoolException: Failed to read key alias_name from store "C:\Users\username\my_keystore.keystore": trusted certificate entries are not password-protected

My deductions said that because the keys are not password protected so i tried again and set the password for keys using:

keytool -import -alias alias_name -file cer_name.cer -storepass changeit -keypass changeit -keystore my_keystore.keystore

But still the error persist.

I also tried with manual procedure with jarsigner:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my_keystore.keystore unsigned-release.apk alias_name

Got error:

jarsigner: Certificate chain not found for: alias_name.  alias_name must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

Please help I am unable to get relevant post on this error for Android apk signings

*.cer files usually only contain certificates, not the private key needed to sign an APK.

List the content of the keystore :

keytool -list -v -keystore my_keystore.keystore

And look for the Entry type: line (for the corresponding alias). The value must be PrivateKeyEntry, not trustedCertEntry

I highly recommend getting Keystore Explorer. This program saved my life more than once when I was having some keystore and cert issues. It's free and open source, and an easy to navigate GUI. It can make new keypairs and import existing key pairs into your keystore. I started using it about 3 years ago and it is still in my folder for dev tools.

If you are using android studio there is a very simple solution to sign apk follow the below steps Go to Android Menu -> Find Build -> Generate Signed APK... after that new window appeared -> click on Create new... button. Next enter details as like shown below and click OK -> Next. -> Choose key store path that you want to store your .jks file for future use -> set your desired password that you want -> set Alias Name -> password -> Fill certificate details -> click next

next window will appear as below screen shot

Choose directory that you want to signed .apk will store ( otherwise it will generate inside app folder -> release ) -> choose signature version -> click finish

Wait until APK generated successfully