I have never set any passwords to my keystore and alias, so how are they created?
Signing in Debug Mode
The Android build tools provide a debug signing mode that makes it easier for you to develop and debug your application, while still meeting the Android system requirement for signing your APK. When using debug mode to build your app, the SDK tools invoke Keytool to automatically create a debug keystore and key. This debug key is then used to automatically sign the APK, so you do not need to sign the package with your own key.
The SDK tools create the debug keystore/key with predetermined names/passwords:
Keystore name: "debug.keystore"
Keystore password: "android"
Key alias: "androiddebugkey"
Key password: "android"
CN: "CN=Android Debug,O=Android,C=US"
If necessary, you can change the location/name of the debug keystore/key or supply a custom debug keystore/key to use. However, any custom debug keystore/key must use the same keystore/key names and passwords as the default debug key (as described above). (To do so in Eclipse/ADT, go to Windows > Preferences > Android > Build.)
Caution: You cannot release your application to the public when signed with the debug certificate.
Source: Developer.Android
Keystore name: "debug.keystore"
Keystore password: "android"
Key alias: "androiddebugkey"
Key password: "android"
I use this information and successfully generate Signed APK.
if you want to configure them in gradle it should look like
signingConfigs {
debug {
storeFile file('PATH_TO_HOME/.android/debug.keystore')
storePassword 'android'
keyAlias 'AndroidDebugKey'
keyPassword 'android'
}
...
}