How do I sign my android app bundle with the correct signing key?
I was banging my head on the table over this for about two hours. When I finally gave up and was filling out my "reset key" request, I realized that I was currently attempting to upload it to the wrong project the whole time.
So, step one: confirm that you're attempting to upload to the correct project.
I tried using the multiple answers here & in this question, but somehow I was getting this error because I had some issues with my android/app/build.gradle and android/gradle.properties files.
Two things you should check (in addition to the other solutions here) are:
In android/gradle.properties and android/app/build.gradle, make sure your keystore variables match exactly.
In android/gradle.properties, you probably have something like this:
MYAPP_RELEASE_STORE_FILE=<>
MYAPP_RELEASE_KEY_ALIAS=<>
MYAPP_RELEASE_STORE_PASSWORD=<>
MYAPP_RELEASE_KEY_PASSWORD=<>
Make sure these variable names exactly match those in android/app/build.gradle:
android {
...
signingConfigs {
release {
if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
storeFile file(MYAPP_RELEASE_STORE_FILE)
storePassword MYAPP_RELEASE_STORE_PASSWORD
keyAlias MYAPP_RELEASE_KEY_ALIAS
keyPassword MYAPP_RELEASE_KEY_PASSWORD
}
}
}
}
In android/app/build.gradle, make sure you set signingConfig to signingConfigs.release in your release buildTypes:
android {
...
buildTypes {
debug ...
release {
signingConfig signingConfigs.release
}
}
}
The error suggests that you have uploaded an APK or an App Bundle previously. All the artifacts you upload to the Play Console should all be signed with the same keystore.
So the error means that you signed the App Bundle with a key that is different than the ones you have uploaded previously. You have to either find that keystore you used before or reset the key by contacting Play Console support team.
Just rebuild the project and generate signed apk once again and try !
Wasted my 2 days on this, had my keystore key but still showed error and request google for generating new key.... Read some random stackoverflow, where it was written to rebuild the project and try uploading once again.. IT WORKED !
there is **sign in key ** just click and upload with new keystore file that created manually
Read this is you have requested a new upload key from Google Play and still get this error (should work for both native Android and Flutter as well).
I had experienced the same problem. And here's out steps on how to resolve it:
We've lost the upload key (initial keystore file, probably .jks) that was used to sign the app.
We created a new keystore file and exported created certificate to PEM format as stated here in the docs. We sent the request to the Google Play Team to reset our key, attached .pem file.
When Google Play team reset the key we've tried to use the new .jks keystore we had created in the step 2 and the error appeared one more time, unfortunately.
The solution is to clean your project, rebuild it from scratch to reset all the cached builds.
In case of Flutter (we had this error building the app using Flutter). Make sure you use
flutter clean
Build the application on simulator or device.
Then run:
flutter build appbundle --release
This is how it was solved in our case.
PS. This should also help on native Android too.
I got the same error :
In my case, I was trying to upload debug version. That caused me this error.
So I changed below line in app-level Gradle:
signingConfig signingConfigs.debug
With:
signingConfig signingConfigs.release
Well after wasting hours on this problem ,Below Solution works for me -
When you are creating signed bundle it gets saved to some location,
Then when it gets rejected,
you went again to make new Signed Bundle,
Well thats where the mistake happens.
See when now you will create another signed bundle,
you sign it another folder , assuming that previous one was made last time,
, make sure you store the signed key in the "SAME FOLDER",
No need to make any new signed key path ,
JUST use the path you used while doing it for First time.
See this image,
use the same path which you have used during first time
Use the same JKS FILES as you have used for the first time.
NOW WHEN YOU WILL MAKE BUNDLES FILE,
IT WILL BE HAVING THE CORRECT KEY.
Thank You!!!
React Native here!
I got this error after trying to upload the generated .aab file from the ./gradlew bundleRelease command. I fixed it by exporting the .aab file by using Android Studio again. I believe that this is the way to upload your first .aab file to Google Play anyway. In case you don't know how:
In Android Studio:
Open you React Native's project android folder
Go to Build -> Generate Signed Bundle / APK
Select Android App Bundle
Enter your key-store details (if this is your first time doing this, you have to check the Export encrypted key checkbox, which you can use for Google Play App signing) and click Next
When Android Studio finishes it gives you the option to locate the file(s) created
Now if you upload this .aab file, it should be accepted.
Late answer(for any one possibly still struggling with this topic)-
You may have forgot the .jks file of that project.
Search for .jks files in File explorer.
Connect it to your project.
I realized that when I upload apk it gives more detailed error. so maybe try that solve errors and maybe then try app bundle.
hope it helps.
For those who have released apk without a manually generated keystore and facing this issue when trying to release the apk or bundle from a different machine, follow the below steps:
Copy debug.keystore (C:\Users\username\.android\debug.keystore) from the machine which used to build the first version of the App
Select Build > Generate Signed Bundle/APK
Provide the Key store path to the debug.keystore file
Fill the other fields with the default values mentioned below and build
Keystore name: "debug.keystore"
Keystore password: "android"
Key alias: "androiddebugkey"
Key password: "android"
CN: "CN=Android Debug,O=Android,C=US"
Make sure you are using the correct JKS for App Signing.
Common developer error, Android app with multiple flavours sign bundle using different JKS file.
In google play console I solved this issue by going to the aab archive tab and removed all existing versions there. Then I went back to production and choose change key for app signing. After this I could successfully upload my aab file.
I just discarded the previous release and then create a new release and uploaded the app-release.aab.
I have tried nearly everything that for a moment thought it must have been easier.
This is for new releases
If it is a new release just ignore it, create a new release ( create a new app ) and make sure you choose a different package name. This time also make sure there is nothing left between the folder you copied and new project
I got the same error and it consumed my lot time
Here the simple solution just change debug
signingConfig signingConfigs.debug
to release
signingConfig signingConfigs.release
What I did was exclude my android files from git, then when I changed branch and rebuilt, my build.gradle file was overwritten.
I am using expo to build my app bundle. In my case, I had to:
Manually create a new keystore file.
Or download your existing keystore using command expo fetch:android:keystore
Download the Upload certificate of my app from Google Play Console
Import the Upload certificate of the app into the newly created keystore file, giving it a key alias and a password. This is easily done using the java keytool. In MacOS is in the path so issue a keytool -h to see the various commands available.
run expo ba -c , took the manual route and when asked, I specified the keystore file I created in step 1.
I had the same error when building a signed Android App Bundle.
For debug purposes on the local maschine, I enabled debuggable in the release build type.
It seems, Playstore recognized an debug build and simply said it is not a valid Bundle.
build.gradle:
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
//debuggable = true <----- Works like expected when disabled
}
}
This is worked for me!
While uploading apk/bundle first time to play store you might generated
private_key.pepk then your key might be also changed. So if you selected default key alias key0 then make sure you selected proper alias then only proceed. If that steps is correct then your bundle will be upload successfully.
I got the same error :
enter image description here
In my case I changed :
android {
compileSdkVersion 30
with
android {
compileSdkVersion 31
and
targetSdkVersion 30
with
targetSdkVersion 31
and it worked. Hope it will work for you.
if you lost your upload-keystore.jks file then either you have to reset the upload signing key or create a new app with new app bundle.
for reset the upload the key-store.jks follow the link below.He has explained very nicely how to do that. reset the signing key
Wowwww it it took me so long to understand why it is not working....
I changed the app key and send it to google and thy sent me to do:
"
Follow the instructions in the Android Studio Help Center to generate a new key. It must be different from any previous keys. Alternatively, you can use the following command line to generate a new key:
keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
This key must be a 2048 bit RSA key and have 25-year validity.
Export the certificate for that key to PEM format:
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
Reply to this email and attach the upload_certificate.pem file.
"
i did it and the 1 thing that miss is to change in my keyAlias in the build.gradle to upload 🤦♂️
If you are using Fastlane, just check that you are actually typing the right passwords.
When trying to run the flow to upload to the play store, I was typing wrong the passwords for the signing store and alias key.
If you are publishing app to playstore and find error Your Android App Bundle is signed with the wrong key. Ensure that your app bundle is signed with the correct signing key and try again:
Then,
If you have not generated/changed app bundle or rebuild/clean project before reaching the current state displayed in pic then make sure to make new app project on play console as play console might be mixing the two keys.
image
It Worked for me with this solution
I rebuild the project in Android Studio then i changed the version code, and export the project with new keystore
in my console i deleted the release and create a new release and it worked good
Here I downloaded the source code (tutorial from Google) authorization via Google.
If you run a debug version everything works as planned. But if you install and run the release version, it does not work in the emulator or on a real phone.
Tell me what's the problem? Maybe the problem with SHA1. When I do "gradle" -> "signingReport".
I get the following:
Variant: releaseUnitTest
Config: none
----------
Variant: debugUnitTest
Config: debug
Store: C:\Users\******\.android\debug.keystore
Alias: AndroidDebugKey
MD5: <some code****>
SHA1: <some code*****>
Valid until: <date***>
----------
Variant: release
Config: none
----------
Variant: debugAndroidTest
Config: debug
Store: C:\Users\******\.android\debug.keystore
Alias: AndroidDebugKey
MD5: <some code****>
SHA1: <some code*****>
Valid until: <date***>
----------
Variant: debug
Config: debug
Store: C:\Users\******\.android\debug.keystore
Alias: AndroidDebugKey
MD5: <some code****>
SHA1: <some code*****>
Valid until: <date***>
Also, one person said about it the next thing:
The release version does not work because signed others certificate and its fingerprint you are not registered in Developer Console.
But I do not understand what it means.
It looks like few months since this question asked but I will Answer It anyway If anyone ran in to same problem
You have to find SHA1 code for Release Key & enter it on your Developer Console. ( for me developer console is firebase some people might use different services) To find SHA1 Code . easy way is
Go to Build --- Select Build Variant -- On the left Side Select "Release" as build variant -- now go to module settings ( or try to run project , android studio will tell you about a error and click fix error button) --- Select Signing tab --- add your release key and passwords -- now goto build types -- select release -- on signing config select your release key config -- now run your project -- now run your signing report --- you can find SHA1 under release build -- enter that sha1 code on your developer console
I've set up 2 Client IDs for Android application in the GoogleDriveAPI console: the first for the release APK and the second for Debug purposes. Everything ok with the released app, but my issue is only related to the second Client ID.
I'm getting this exception: com.google.api.client.googleapis.extensions.android.gms.auth.GoogleAuthIOException
after the following lines:
Drive.Files.List request;
request = service.files().list();
String query = "mimeType='application/vnd.google-apps.folder' AND trashed=false AND title='" + title + "' AND '" + parentId + "' in parents";
request = request.setQ(query);
com.google.api.services.drive.model.FileList files = request.execute(); // <=I'm getting the exception here
I'm using ADT on windows, I've obtained the sha1 fingerprint for debug keystore from Windows->Preferences->Android->Build for the debug mode, but the Google Drive API authorization fails! Why?
The (only) solution I've found is to use the "Release" Client ID also in Debug mode, with a custom fingerprint (and that actually works).
Try this:
Take the *.apk file that isn't working (DEBUG.apk), I don't know what's your IDE, so I can't tell you where to find it, but it should be easy.
Open the '*.apk' file in 7-zip or similar unzipper and find 'META-INF\CERT.RSA' file in the archive. Unzip it, for instance to your ...\desktop\
Run 'keytool -printcert -file ...\desktop\CERT.RSA'.
You should see the SHA1 of the APK file in question, compare it with the SHA1 you registered in the console. Double-check the package name as well. PackageName-SHA1 combination is what authorizes the app version with Google Drive.
I vaguely remember this happening to me after re-installing/upgrading my IDE or moving project to another machine (basically generating different debug SHA1 than I registered).
I know it is a long shot, but this is what I use when run into trouble.
We have a third party app that has been created for us, but that we will maintain going forward.
They have built the apk and signed it with their own key, but in order for us to upload it and to use our key I have had to resign it.
For this I used https://code.google.com/p/apk-resigner/
Now I'm trying to compare their apk with my resigned one, but am not 100% sure what to do.
I've tried doing
jarsigner -verify -keystore my_keystore_location -verbose -certs my.apk
and i've received lots of files with smk on them. This would make sense following the key
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
but then when I run the third party apk that still has their key, I also get smk on the files, which shouldn't happen as that would say it has been signed with a key in my keystore!?
Any ideas anyone?
Thanks
I'm not exactly sure if this works but I spotted it in package manager :
http://developer.android.com/reference/android/content/pm/PackageManager.html#checkSignatures(java.lang.String, java.lang.String)
Its supposed to be able to take your first package(your own)'s signature and compare it with your third party app's signature. This is ran on the android app and not on your development platform(Windows, Mac, Linux etc).
Looking at the documentation, if 0 is returned, the signature matches. If 1 is returned, neither are signed. -3 for no match. -2 for not second package not signed and -1 for first package not signed. -4 if either packages are invalid.
This code is working for me :
final PackageManager pm = getPackageManager();
System.out.println(pm.checkSignatures("com.testing1", "com.testing2"));
Dear All,
I have successfully made an application using Sencha touch 2 it's
working fine in my Android device, also on Tablet and emulator. But
the problem is that the apk file could not be uploaded on Android Market it shows
me a error:
.apk is not signed also validity year 50 Error in Google market -:
Google Play does not accept apks signed with the debug certificate.
Create a new certificate that is valid for at least 50 years.
I have changed my certificate also "configuration":"Release"
but not get any success. Dear i am also sharing my whole configuration
file. If you find any of the error inside the configuration file
please let me know about it. Any of the suggestion is appreciated.
Thank in advance.
Code in Configuration file is that-:
{
"applicationName":"navi",
"applicationId":"com.amit.navi",
"versionString":"1.0",
"iconName":"resources/icons/Icon~ipad.png",
"inputPath":"build/native",
"outputPath":"build/",
"configuration":"Release",
"platform":"Android",
"deviceType":"Universal",
"certificatePath":"C:/Documents and Settings/amit/.android/amit.keystore",
"certificateAlias":"alias_name",
"sdkPath":"C:/android-sdk",
"orientations": [
"portrait",
"landscapeLeft",
"landscapeRight",
"portraitUpsideDown"
]
}
Here is a guide to creating a key to sign your apk with.
You have currently signed your app with a debug key and need to generate a new one using keytool (java tool) then sign your apk with that.
Sencha guide: http://docs.sencha.com/touch/2-0/#!/guide/native_android
Keytool guide: http://developer.android.com/tools/publishing/app-signing.html
the keytool is in your java directory