My app curtently uses apk without storing sign key on Google servers. I want to create closed alpha test with new Flutter app version and app bundle. As far as I understand, I am forced to store key on Google servers. So, is it possibile to:
keep production version as apk in PlayStore
create new alpha version that uses app bundle and key is stored on Google servers
I want to keep my current key, I don't want Google to generate new one because first - key hash is used to configure some services like Firebase and Facebook login so it can't be changed, second alpha version needs to use the same key as stable production version.
Of course, curtently both app versions are the same package name and the samy signing key is used to sign release build. In the future, alpha version will be promoted as new stable (when testing finished).
I was unable to find any straightforward way to do what I want, especially Google always proposes to generate new signing key.
Any tips?
If you have an existing app, Google Play does not generate a new key when you enroll in Play Signing. You are prompted to give Google your existing key which it will use to sign the APKs it produces from the app bundle.
Note: I'm not sure where you have seen that Google "always proposes to generate a new signing key", a screenshot would be helpful to understand better where this is coming from. The only time Google would offer to create a new key is when you create a new app but you seem to suggest that you have an existing app, so this isn't it.
It seems that you could just enroll in Play Signing by giving your key to Google, then upload app bundles the same way you were uploading APKs before (in whichever release channel).
Related
I have a situation where my current app signing key is lost, now we want to upgrade our current application with new key but
we dont want to upload a new application. We were managing the key by ourself only since its very old app around 10 years old.
I have read the articles were we can request a key upgrade but that is not applicable for me as singing key is not managed by Google.
I have also came through Key rotation provision from Android 9+ but that is not yet possible to upload on Play store.
I don't have any idea if we can request google to allow us to upgrade our app with new signing key without uploading new app.
Let me know if there is any way we can use?
If you don't use Play Signing and you lost your signing key, then your only option is to create a new app / a new package name.
My client has given me an android project to fix some errors and add new features. This app was created and published on google play console by another programmer who currently has gone. So, now comes time to upgrade to the new version, but I don't have the original signing key. So my client said me to create a new app in google play console and put the new upgraded version. But when I tried to upload signed bundle with new keystore I got this error
my build gradle picture
enter image description here
What can I do in order to solve this problem?
Upd: Same error when I upload release version. Also when I upload bundles of other projects to the app, no error occur.
Upd2: If my client request for 'Upgrade your app signing key for new installs'. Will it help?
You have to upload the app-release.aab not that app-debug.aab. It should be in the app/release folder while the debug one should be in the app/build/outputs/apk/debug.
Firstly, if you're getting an error that the AAB isn't signed, then you're not signing it. If you use the wrong key, you get an error saying the upload key doesn't match. Here's the instructions on how to sign your app
If you don't have the original app signing key, you can't update the app anymore. You'll have to create a new one, which is basically a completely new app with no connection to the original. And I'm not sure if having two apps with the same applicationId (i.e. kg.ilimbox.mobile) on the same developer account would be a problem, it's meant to be unique.
But you might be ok if your app is enrolled in Play App Signing though - basically how that works is the Play Store holds your app-signing key, and it uses that to sign APKs created from the AAB bundles (the bundles allow it to create custom APKs for a specific device, and those need to be signed with the app key, so the Play Store needs to have that).
In this case, when you upload an AAB, you're signing it with an "upload key", which is basically how the Play Store checks it's an authorised upload. And you can ask them to reset that certificate, so you can use a different key. They push this as a feature, so that if you lose your key, you don't lose the ability to update the app (because Google holds the actual app signing key)
There's a link to the key change request process in that last link - you basically have to contact them while logged into the developer account (so they can see your email matches the one associated with the account), you create a new upload key and give them the certificate, and they'll update your app entry so you use that new one to sign AABs. You won't be able to upload for a few days though. You can see the current app signing and upload certificate hashes under App integrity, so you'll be able to see when they update
You can request an app signing key upgrade (one time only) but ideally you won't need that, it's better to update the upload key if you have the option
So, here I write how I solve this problem.
Change application id in module build gradle file
delete testCoverageEnabled in module build gralde
b
buildTypes {
release {
testCoverageEnabled true
}
}
Clean project
change version code
I have this application which was made in 2015. I have updated that application and now I want to upload the updated version to play store. But unfortunately, it is giving me an error that the SHA1 key is different. I am attaching the image below. Play store console SS
Furthermore, the organization that I am working for, does not have any information about the key store password or Alias. There is literally no information about the previous version. Therefore, I am totally clueless how to update this application in google play store
Without SHA1 Key you can not generate another Signed APK to upload . You must need that key in order to generate new signed APK to Upload .
Google will not re-sign any of your existing or new APKs that are signed with the app signing key. This enables you to start testing your app bundle in the open, closed, or internal test tracks while you release your existing APK in production without Google Play making any changes to it.
This basically means that the you are trying to generate a signed apk using a different certificate than the one that was used to sign the original apk. If you cant get a hold of the hold certificate you will have to create a new one (what I think you have already done), generate a signed apk then publish it as a new app on the play store. You will have to un publish the old application though. Try using a slight change in the package name like a change from small letter to capital letter eg from "com.example.company" to "Com.example.company"
It is precisely this problem that caused Google Play to introduce Google Play App signing. If your app is opted in, then Google looks after your signing keys, and if you lose the information, then Google Play support can help you change the upload key.
However, if you are not opted in to Google Play app signing there is nothing you can do.
The best option is, as other people have said, unpublish the old app, create a new one, and this time opt in to Google Play App Signing so it doesn't happen again.
I uploaded an app on google play but made it accidentally free. Now i want to upload the same app again and make it paid. How do i make that? When I try to upload the apk again, it says:
You uploaded an APK or Android App Bundle that is signed with a key that is also used to sign APKs that are delivered to users. Because you are enrolled in app signing by Google Play, you should sign your APK or Android App Bundle with a new key before you upload it.
How do I sign a new key (please explain this to a newbie, im not a programmer, I created an apk file with thinkable)
There are two things you need to be aware of:
First, no two apps in the store can have the same package name (i.e. unique identifier). In Thunkable, the package name is com.{username}.{appname}, so you will need to change either the username of the app name before uploading your new app.
Then, there is the question of the keystore (See "Keystores" section in Thunkable docs). It seems that you opted out of "Play Signing" for the first app you created, and now you opted in for your second app, but used the same cryptographic key for both apps. This can lead to security issues when you use the same key for two different purposes (simplifying a bit, sorry). Thunkable unfortunately does not seem to support generating new keystores, so you have two options: 1) Create a new account with Thunkable (which should generate a new keystore), or 2) Opt out of "App Signing by Play" when you're prompted in the Play Console when you upload your app.
Hope that helps! Good luck :)
I've an apk uploaded in google console and app is published already. I've lost the password for the certificate I used before.
I did try creating a new one but google console rejected the binary and insisting to re-use the original certificate to sign the app.
Please advice.
This is not a Google Play requirement, it is an Android requirement. In order for an update to install, the App must be signed with the same signing key as the previous version. There is no alternative.
I strongly recommend for new versions of your App, you switch to Google Play App signing. With this model, Google stores the App Keys (and they are probably better at not losing the key or the password than you). You have a secure upload key, but if you lose it, Google Play support can issue you with a new one.
All you can do in this situation if you have really lost the key is publish a new version of your app with a new package name, unpublish your old version, and try to get existing users to move over using communication mechanisms like email. I recommend you use Google Play App Signing for your new version.
Have you tried contacting google developers support? For example, go here and click on "No". Then continue: fill the form and submit.