How to fix the Android “Debug certificate expired” error

Upon installation, the Android SDK generates a “debug” signing certificate for you in a keystore called debug.keystore. A debug certificate is only valid for 365 days after which it generates a “Debug Certificate expired” error. To generate a new one you must delete the existing debug.keystore file. Its location is platform dependent.

Delete your debug certificate under ~/.android/debug.keystore on Linux and Mac OS X; in Windows the directory is %USERPROFILE%/.android eg in Windows 7 C:\Users\[username]\.android.  In Eclipse you can find it in Window – Preferences – Android – Build – Default debug keystore.

Eclipse will then generate a new certificate when you next try to build a debug package. You may need to clean and then build to generate the certificate.

An alternative solution is to create your own debug certificate in debug.keystore with whatever expiration you want. This solves the problem of having to delete all your development .apk files, because the new certificate doesn’t match and also having to get another development MAP-API key as well.

Do this in the .android folder under your HOME directory:

keytool -genkey -v -keystore debug.keystore -alias androiddebugkey -storepass android -keypass android -keyalg RSA -validity 14000

ADT sets the first and last name on the certificate as “Android Debug”, the organizational unit as “Android” and the two-letter country code as “US”. You can leave the organization, city, and state values as “Unknown”. This example uses a validity of 14000 days. You can use whatever value you like.

If the certificate expires in the middle of project debugging you’ll need to do manual uninstall from the emulator or device.