Siba Prasad Hota Siba Prasad Hota - 5 months ago 27
Android Question

Android App Sign issue with new update: apk that is not signed with the upload certificate

Recently i have uploaded an app to play-store which is live now and i have enabled app sign in too. But, when i tried to upload a new build, i couldnt able to find my old key store. So, when i generate new KEYSTORE and try to upload, i am getting error :


you uploaded an apk that is not signed with the upload certificate.
You must use the same certificate.


enter image description here
Please have a look in my developer console, which has both the upload certificate & app signing certificate.

enter image description here

How to get the apk signed with same fingerprint and upload to play-store?

Ref: https://support.google.com/googleplay/android-developer/answer/7384423?hl=en


If you lose your keystore or think it may be compromised, Google Play
App Signing makes it possible to request a reset to your upload key.
If you're not enrolled in Google Play App Signing and lose your
keystore, you'll need to publish a new app with a new package name.


Note: Related to KeyStore many questions on stack overflow, but this is some thing related to new feature from Google "App Signing" and i m not getting nay suitable answer.

I have contacted Google and their response is not confirming anything. Please find below message from google.


I'm sorry for the confusion, however I can see for your app (with
package name: com.wma.foodinns.foodinnsapp), you have successfully
registered your upload key with Google and have therefore successfully
generated an upload key. The upload key you generated and then used to
register is the key you should still have on your side and should be
used to sign your APKs when uploading new APKs for this app to the
Play Console.

The certificate you can download from the Play Console is not the full
upload key, but contains the public key as well as some extra
identifying information about who owns the key (for more information
on this, please see the definitions listed here:
https://support.google.com/googleplay/android-developer/answer/7384423?hl=en&ref_topic=7072031).

Do you still have the key you have created that was then registered as
as the upload key on the Play Console?

Answer Source

FInally, Google Helped me to get this resolved. I have written an email describing the issue and then after getting their responce, followed the below steps.

  1. I created New Keystore.
  2. Exported the certificate for that key to PEM format:
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
  1. Replied to their email and attached the upload_certificate.pem file.
  2. Then Google sent an email saying they have updated my keystore and i can use the same after 3 to 4 days.
  3. I Used the key store newly generated and them generated the signed APK which was successfully uploaded to Playstore.

    Below are the list of locations needed to update keystore

    1. Local machine
    2. Locked on-site server (varying ACLs)
    3. Cloud machine (varying ACLs)
    4. Dedicated secrets management services
    5. (git) repos