是密钥存储实际的证书，或者是别名的证书？

Is the keystore the actual certificate, or is the alias the certificate?

如果我使用一个不同的别名签我的应用程序，在市场上它会搞砸了更新？或者，我需要一个不同的密钥库胡来签我的应用程序？哪里是下别名的？

If I use a different alias to sign my app, will it mess up updates on the market? Or would I need to sign my app with a different keystore to mess things up? And where is the info under alias viewable from?

推荐答案

通过的的Keytool 店对私人和公共密钥。存储在密钥库中每对或入口由一个唯一的别名​​refered。简而言之：

The keystore file generated by Keytool stores pairs of private and public keys. Each pair or entry stored in the keystore is refered by a unique alias. In brief:

密钥库入口=私有+公共密钥   对=确定的别名

Keystore entry = private + public key pair = identified by an alias

密钥库保护其个人密码，每个私钥，也保护了（可能是不同的）密码整个密钥仓库的完整性。

The keystore protects each private key with its individual password, and also protects the integrity of the entire keystore with a (possibly different) password.

例如，当您注册使用导出一个Android应用程序签名了Eclipse的Andr​​oid工具的应用程序包选项，系统会要求您先选择一个密钥库，然后要求选择一个别名/项/对从该密钥库中。提供密码为密钥库和选择的别名后，应用程序进行签名和公共密钥（证书），用于该别名被嵌入到APK。

For instance, when you sign an Android application using the Export Signed Application Package option of the Eclipse Android tool, you are asked to select a keystore first, and then asked to select a single alias/entry/pair from that keystore. After providing the passwords for both the keystore and the chosen alias, the app is signed and the public key (the certificate) for that alias is embedded into the APK.

现在回答你的问题，你只能发布一个更新到使用别名'富'签署具有相同的别名再次登录该更新的应用程序。失去，你的别名存储将prevent你释放你的应用程序的更新版本的密钥库。

Now to answer your question, you can only release an update to an application that was signed with the alias 'foo' by signing the update again with the same alias. Losing the keystore where your alias is stored would prevent you from releasing an updated version of your app.

然而，有一种方法来签订新的别名一个应用程序，但它包括使用的的密钥工具-keyclone

There is however a way to sign an app with a new alias, but it involves cloning an existing alias in the keystore using keytool -keyclone:

创建一个新的密钥库条目，   具有相同的私钥和   证书链作为原始   条目。

Creates a new keystore entry, which has the same private key and certificate chain as the original entry.

原始项被确定   别名（默认为的myKey如果   不提供）。新的（目标）   条目来标识dest_alias。如果   没有目标别名，在供给   在命令行中，提示用户   吧。

The original entry is identified by alias (which defaults to "mykey" if not provided). The new (destination) entry is identified by dest_alias. If no destination alias is supplied at the command line, the user is prompted for it.

如果私钥密码   从密钥库的密码不同，   那么条目将仅被克隆   一个有效的关键通过提供。这是   用于保护密码   与别名相关联的私钥。如果   无钥匙密码在提供   命令行，和私钥   口令是从不同   密钥库的密码，用户   提示吧。中的私钥   克隆的条目可以与被保护   不同的密码，如果需要的话。如果   没有-new选项，在提供   命令行中，将提示用户   新入职的密码（和可能   选择让它是相同的，作为   复制项的私钥）。

If the private key password is different from the keystore password, then the entry will only be cloned if a valid keypass is supplied. This is the password used to protect the private key associated with alias. If no key password is supplied at the command line, and the private key password is different from the keystore password, the user is prompted for it. The private key in the cloned entry may be protected with a different password, if desired. If no -new option is supplied at the command line, the user is prompted for the new entry's password (and may choose to let it be the same as for the cloned entry's private key).

详细信息：

http://download.oracle.com/javase/1.5.0/docs/tooldocs/solaris/keytool.html

http://developer.android.com/guide/publishing/app-signing.html