Standalone build failed after App Signing

I was deploying my app without any signing on Android. Then as Google Play decided not to accept my build I had to add the App Signing, so I followed the instructions from: https://docs.expo.io/versions/latest/distribution/app-signing/#1-using-app-signing-by-google-play

And I run every single step from the expo opt-in-google-play-signing command.

Everything seemed OK, and then I wanted to create a build with the new sign. The problem is that I get the following error:

Standalone build failed!

[stderr] FAILURE: Build failed with an exception.
[stderr] * What went wrong:
[stderr] Execution failed for task ':app:packageProdKernelRelease'.
[stderr] > com.android.ide.common.signing.KeytoolException: Failed to read key QHRoZXlsb29rc290aXJlZC9wYXQtcHJlbWlvcw== from store "/tmp/turtle/keystore-1d81cce6-197c-44a4-9e21-a3d2bfd02145.jks": Get Key failed: Given final block not properly padded
[stderr] * Try:
[stderr] Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.
[stderr] * Get more help at https://help.gradle.org
[stderr] BUILD FAILED in 3m 15s

What could have happened? I have no clue on what to do now.

For more details:

My expo version is 3.0.8

My App signing certificate corresponds to the one I see in Google
Google Certificate Fingerprint: 75:E1:9F:…

The same thing goes on with the fingerprint for the upload_cert.pem

The expo diagnostics are:

  Expo CLI 3.0.8 environment info:
    System:
      OS: macOS 10.14.4
      Shell: 3.2.57 - /bin/bash
    Binaries:
      Node: 8.16.0 - /usr/local/opt/node@8/bin/node
      npm: 6.4.1 - /usr/local/opt/node@8/bin/npm
    IDEs:
      Xcode: 10.2.1/10E1001 - /usr/bin/xcodebuild
    npmPackages:
      expo: ^32.0.0 => 32.0.6 
      react: 16.5.0 => 16.5.0 
      react-native: https://github.com/expo/react-native/archive/sdk-32.0.0.tar.gz => 0.57.1 
      react-navigation: ^3.0.9 => 3.6.1 
    npmGlobalPackages:
      expo-cli: 3.0.8

It’s the same issue as mentioned here (new keystore is in wrong format, p12 file instead .jks)

!!! Backup current credentials before doing next step
Run this command to convert it to jks(MY_FILE.p12 should be path to current jks file)

keytool -importkeystore -srckeystore [MY_FILE.p12] -srcstoretype pkcs12
 -srcalias [ALIAS_SRC] -destkeystore [MY_KEYSTORE.jks]
 -deststoretype jks -deststorepass [PASSWORD_JKS]  -destkeypass [PASSWORD_KEY] -destalias [ALIAS_DEST]

run build:android -c and specify keystore and all the credentials manualy

I’m not sure about these instructions.
Locally I have the following files:

 pat-premios.jks
 pat-premios_sign.jks.bak
 pat-premios_upload_cert.pem

But I cannot find any .p12 file
Running the command expo fetch:android:hashes I get:

Google Certificate Fingerprint:     F3:EA:2D:85:B2:FB:DE:FE:19:4D:20:BE:79:9C:8A:07:B3:A8:D2:70
Google Certificate Hash (SHA-1):    F3EA2D85B2FBDEFE194D20BE799C8A07B3A8D270
Google Certificate Hash (SHA-256):  76CCACD379F1A66ED94B044A3287ECDE3B93CB571A3C039BD9E9F8AAB00D2061
Facebook Key Hash:                  8+othbL.......

That matches my GooglePlay upload signature:

In the original process I wrote down these expo outputs:

Credentials for upload keystore
    Keystore password: 0e132c16f3e8.....
    Key alias:         QHRoZXlsb2....
    Key password:      f90653bd7...

Credentials for original keystore
    Keystore password: f629faafa...
    Key alias:         QHRoZXlsb29...
    Key password:      cf5fcd9209d....

So, what I should do is? :

OPTION A)

  1. Run build:android -c
  2. Let expo generate new credentials
  3. Run expo fetch:android:upload-cert to get the .pem file
  4. Ask google support team to reset my password

or OPTION B)

  1. Convert the pat-premios.jks file to pat-premios-not-p12.jks using the “Credentials for upload keystore”.
MY_FILE.p12 -> pat-premios.jks
MY_KEYSTORE.jks -> pat-premios-not-p12.jks
ALIAS_SRC -> QHRoZXlsb....
PASSWORD_JKS -> 0e132c1...
PASSWORD_KEY -> f90653bd7....
ALIAS_SRC  -> ALIAS_DEST -> QHRoZ...
  1. Run build:android -c
  2. Provide the generated .jks manually

First thing you should not post credentials publicly(I suggest editing this post)
You p12 file is file downloaded by expo fetch:android:keystore it has name with jks extension but name here is incorrect
The correct way is OPTION B, but do not use those local files, fetch it from expo serverer with expo fetch:android:keystore (this jks file in fact p12 with the wrong name)

Super, I will try and let you know… the credentials are missing the last few characters :slight_smile:
Thanks!

It works!

1 Like