How to sign apk update with the new upload certificate I got from Google?

rsnr · December 28, 2019, 7:44pm

Hi there.

I released an app to Google play with expo build:android.
Google Play App Signing is enabled for my app.
So far so good.
Then I replaced my icon, created a new bundle with expo build:android and tried to upload it to Google Play. I got this error message on Google Play console: “Upload failed: You uploaded an APK that is not signed with the upload certificate. You must use the same certificate.”

I contacted Google and followed their process for creating a new upload certificate:

keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
Send the resulting upload_certificate.pem file back to Google by email.
Google confirmed the new upload certificate is now in effect (two days later).

What should I do next to update Expo with the new upload certificate?

Simply running expo build:android ends with an error message on turtle:
com.android.ide.common.signing.KeytoolException: Failed to read key XXX from store “/tmp/turtle/keystore-XXX.jks”: Invalid keystore format

Thank you.

p.s., here’s my expo diagnostics:

Expo CLI 3.11.1 environment info:
System:
OS: Linux 4.4 Ubuntu 18.04.2 LTS (Bionic Beaver)
Shell: 4.4.19 - /bin/bash
Binaries:
Node: 10.15.3 - ~/.nvm/versions/node/v10.15.3/bin/node
npm: 6.12.0 - ~/.nvm/versions/node/v10.15.3/bin/npm
npmPackages:
expo: ^35.0.0 => 35.0.1
react: 16.8.3 => 16.8.3
react-native: https://github.com/expo/react-native/archive/sdk-35.0.0.tar.gz => 0.59.8
react-navigation: ^3.12.0 => 3.13.0
npmGlobalPackages:
expo-cli: 3.11.1

wkozyra · December 30, 2019, 8:59pm

keytool command generates on some systems keystore in pkcs format instead of jks
you can convert one format to the other with

keytool -importkeystore -srckeystore [MY_FILE.p12] -srcstoretype pkcs12
 -srcalias [ALIAS_SRC] -destkeystore [MY_KEYSTORE.jks]
 -deststoretype jks -deststorepass [PASSWORD_JKS]  -destkeypass [PASSWORD_KEY] -destalias [ALIAS_DEST]

where MY_FILE.p12 is your current keystore(you named it .jks, but it’s .p12 file)
after that run expo build:android -c select option to pass credentials manually and specify new keystore file, alias, keystore password and alias password (note that pkcs kesytore does not have alias password)

rsnr · December 31, 2019, 7:24pm

@wkozyra - it worked! thanks so much!
Happy new year everyone!

system · January 20, 2020, 7:24pm

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to upload app-signing certificates to Expo servers? Expo Development Tools	13	9232	October 8, 2019
Google app update Expo Development Tools	5	518	August 14, 2019
How to sign Expo app APK to update existing App on Google Play Store? Expo Development Tools	10	4495	January 23, 2020
App signing certificates issue when we upload app into play store Expo Development Tools	18	5983	June 21, 2020
How i can app signed with Expo. Expo Development Tools	4	858	January 14, 2020

How to sign apk update with the new upload certificate I got from Google?

Related Topics