I have project not made by me but right now I need to fix some things, Someone added an pem certificate (private key and certificate) inside a project which allows app to communicate with server (used inside network_security_config trust anchor), the problem is that I need to build signed release apk, build process is crashing because pem cert is inside a project which is obvious rule violation, how can I add this pem cert inside a keystore(or create new one) or is there any other solution for this problem? Maybe the way of communication is bad. Thank you for any answers!
I tried to create new keystore with cert inside but no success
To include the private key and certificate from the PEM file into a keystore, you can use the keytool command-line tool that comes with the Java Development Kit (JDK). Here are the general steps:
Convert PEM to PKCS12:
This command will prompt you for a password for the keystore. Make sure to remember it, as you'll need it later.
Convert PKCS12 to JKS (Java Keystore):
You'll need to provide the keystore password and set a new password for the JKS keystore.
Add Keystore to your App:
Move the generated keystore.jks file to a secure location in your project. Update your build configuration to use this keystore for signing the release APK. For example, in your build.gradle file, you might have something like this:
Replace 'path/to/your/keystore.jks', 'your_keystore_password', 'your_key_alias', and 'your_key_password' with your actual values.
After making these changes, you should be able to build a signed release APK without violating any security rules.
Note: Always handle keystore files, passwords, and keys securely. Ensure they are not shared or stored in public repositories.