Home » Android » android – How to generate an upload key for Google App Signing?

android – How to generate an upload key for Google App Signing?

Posted by: admin April 23, 2020 Leave a comment

Questions:

I am currently struggling with the upload key, which is the new method of signing APK’s to publish it to Google Play.

What I have done

  1. I created a new app which should now on the play store.
  2. I created an app entry on the Play console.
  3. Then I activated Google Play App Signing
  4. I uploaded my signed APK with a normal keystore file.

And then I get the following error message from the upload dialog.

Upload failed You uploaded an APK that is signed with a key that is
also used to sign APKs that are delivered to users. Because you are
enrolled in App Signing, you should sign your APK with a new key
before you upload it.

What’s the problem

I did not find anything to upload an upload key or how to generate something like this. Is the upload key equal to the keystore file?

What I’ve tried to do

Then I looked at the documentation of app signing here. But I don’t understand how I can create this upload key and send it Google.

Can anyone help me?

How to&Answers:

Per the Help Page:

Upload key: A new key you generate during your enrollment in the program. You will use the upload key to sign all future APKs prior to uploading them to the Play Console.

So it is just a new key you generate using the existing process.

Answer:

I just went through this exhausting process. I’m using React Native so I never even use Android Studio unless I need to launch a virtual device. I’m documenting this for myself and anyone else that has been traumatized by this experience. This is explicitly for the ‘Upload Key’ option. Google then swaps it out on Play so you aren’t really responsible for making sure you don’t lose the one and only key to your fortunes.

Open the ‘android’ file inside your React Native project in Android Studio. Build it and do whatever you have to so it gives you the options to produce an APK (unsigned or whatever). You can also just run it from here on a VD or a phone if it’s attached. I had to do updates to get it to build so you may need to do the same.

First go to ‘Build’ in the menu:

enter image description here

This window will come up:

enter image description here

Click ‘Create new…’

A dialog like this will come up. Fill it out with your info. Note that there are two separate passwords. Remember what you put there for later.

enter image description here

Go to someplace you want to store the key. In React Native, there is already a folder called ‘keystores’ at MyApp > android > app. Choose that as the key store path by clicking the ‘…’ button.

enter image description here

Type in whatever you want your key called. I gave it the same name as the app.

This will bring you back to the previous dialog. Fill in the passwords from before and click ‘Next’.

enter image description here

This will bring you to this dialog where you can choose where to put the apk. By default in React Native it goes to MyApp > android > app > app-release.apk. Click those two tick boxes otherwise you will have to change some configs or Google Play will reject it. They start out unchecked.

enter image description here

Go to this page in your Developer Panel. Click ‘Edit Release’. This is presuming you’ve already set up a beta or alpha release. (Not covered here.)

enter image description here

That will bring you to this page. Drag and drop your apk here or upload with the button.

enter image description here

Please, Google, document this process somewhere! Peace out!

Answer:

Create a signed bundle in latest version of Android Studio, sign your app with jks as usual with "export encrypted key" checked.

  1. Create a signed bundle in latest version of Android Studio, sign your app with jks as usual with “export encrypted key” checked.

You private key will be exported at ~/.android/private_key.pepk by default.

  1. You private key will be exported at ~/.android/private_key.pepk by default.

Answer:

For me, the experience was different as of Feb 2019.
While uploading a signing key, I haven’t completed the optional Upload Key section as it said that I can complete this step later.

enter image description here

After I have uploaded a signing key and pressed Finish, it said that now I have an upload key and I’m good to go even though I haven’t created one.

enter image description here

It took me time to see that fingerprints of the signing certificate and upload certificate are identical, i.e. Google has silently registered my signing key as an upload key.

Hope this helps somebody.

Answer:

The Android Developer page you mentioned(Sign an APK) clearly lays out how to generate a key using Android Studio. Notice the Generate a key and keystore section.

An upload key is no different in terms of how it is created. It is only the purpose that makes it different from the signing key. Upload key is only used to upload the APK to the Google server so that they can authenticate you. Google then does the actual app signing for you.