问题
I have finished developing an android application and decided to signed it with a keystore.
I have no problem for this process, but I do have a question regarding the keystore's password. I'm creating the keystore from eclipse, at Keystore selection window, i chosed to create new keystore. After i pressed next, under the Key Creation window, im required to key in details for the keystore ; alias, validity, password etc.
What i wanted to ask is, is there any difference between the password field in the Key Creation windows and the Keystore selection windows? I tried putting in same passwords for both and it works fine for me. Can i chose to put in different password? Does it affect anything for that particular keystore? Hopefully anyone could provide me an insight for this.
回答1:
Keystores hold many keys. Whereas your key is a single item contained in the keystore. They can have the same password, but that compromises your keystore if your key's password is leaked somehow. I would recommend having the keystore and key password differ.
So yes, the password fields are for two separate things because you are creating two separate items, and following good password practices, they should each have two separate passwords.
来源:https://stackoverflow.com/questions/14035636/android-keystore-password-field