'Google Play Console Play App Signing - The Android App Bundle was not signed
I am trying to create a playstore release.
I've followed the guide to create an upload key and keystore, to the letter: https://developer.android.com/studio/publish/app-signing#generate-key
I have then generated a signed app bundle of my app with the upload key, exactly as stated here: https://developer.android.com/studio/publish/app-signing#sign_release
Which resulted in a file named: app-release.aab
Now, because this app is brand new, and has never been released before, there is no need to export the encrypted key and "opt in an existing app into Play App Signing" as I already opted in to this when I created the new app listing in the play console and, of course, I've never uploaded an APK signed with another key for this app listing before.
Next, I go to the play console and create a new production release. When I upload the app-release.aab file however, I see the following error message:
"The Android App Bundle was not signed."
Which is completely baffling.
As far as I can tell, I have followed the instructions to the letter, and I have attempted to do some research on google but I'm finding no answers.
Could anyone with experience of this process help me?
EDIT:
What I did not understand about the entire process, was that I am asked to generate the upload key locally but never actually upload the key to the google play console - how on earth does Google know that the app is signed with the upload key, if they've never seen the upload key? But, no where in the documentation of generating the upload key is it stated that I am supposed to do anything with the locally generated key other than use it to generate the signed app bundle locally, which is exactly what I have done.
EDIT 2:
Here are screenshots showing the process I am following to create the upload key and generate a signed bundle of my app with the upload key:
And then, rather oddly, the result of running keytool -printcert -jarfile app-release.aab from the directory where the bundle is:
Solution 1:[1]
You can verify if the app bundle you upload to Play is signed by running locally one of the following commands:
Using jarsigner:
jarsigner -verify app.aab
Using keytool:
keytool -list -printcert -jarfile app.aab
If it says the file is "verified" (or you see the certificate being printed when using keytool), then you AAB is indeed signed. If it is, make sure you upload the right file to Play Console, and if it still doesn't work, contact the developer support.
If it says the file is not verified/signed, then make sure you have selected a keystore in Android Studio when you generated the signed bundle and ensure the build succeeds.
If all else fails, do a full Clean Project and try again.
how on earth does Google know that the app is signed with the upload key, if they've never seen the upload key?
Google simply extracts the certificate from the first APK or AAB you upload and considers this the upload certificate. Every subsequent upload will have to be signed with the same key, but the first one can be signed with anything.
Solution 2:[2]
I had to rebuild the project before signing it.
Solution 3:[3]
I was having a similar problem (just a few days ago).
I was able to resolve my problem (and I don't know why) by running the following command on my .jks file and then going through Android Studio and generating the signed app bundle again.
$ keytool -list -keystore 'fakeNmae.jks' -storepass fake-password-same-one-i-used-in-android-studio
Use the command exactly as you see it except of course replace your .jks file name with the one above (make sure it is between single quotes) and then add your password after the -storepass command.
Hope it helps you too.
Here's the entry I posted here on SO about the problem.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Pierre |
| Solution 2 | Ronen Festinger |
| Solution 3 | raddevus |