ChatGPT解决这个技术问题 Extra ChatGPT

Uploading Android App Bundle to Google Play Console - key signing error

I'm trying to upload a brand new .aab file to the Google Play Console, but keep getting this error:

Upload failed You uploaded an APK or Android App Bundle that is signed with a key that is also used to sign APKs that are delivered to users. Because you are enrolled in App Signing by Google Play, you should sign your APK or Android App Bundle with a new key before you upload it.

I'm completely stumped, as I generated a new key for this app bundle at the time of generating the app bundle, i.e. through the Build > Generate Signed Bundle / APK... menu item in Android Studio, so it is a brand new key, unused by other apps. I've even tried creating a whole new keystore with a new key in it, but always get the same error. Is this some quirk someone else has come across?

When enrolling for App Signing by Google Play for this app, I chose the "Let Google manage and protect your app signing key (recommended)" option, and from all the documentation I've read, the key that you use to sign the app with first becomes the "Upload Key", so it seems like I'm doing everything correctly, but no dice.

Does anyone have any advice, or past experience on this?

L
Luke Needham

I am facing the same issues, in my case signingConfig was setup, I made one simple mistake, that I forget to change app debuggable to false. so even though I generated from menu or from gradle command, build was successfully generated but it was debuggable so play store not accepting signed apk and give me and message like Upload Failed The Android Bundle was not Signed in .

i also face this issue i add this line signingConfig signingConfigs.release in android > app> build.gradle > {buildType{release{ signingConfig signingConfigs.release }}}
This is correct for my case I forgot that in my app level gradle file buildTypes release debuggable was still set to true.
You save my life
M
Mohsen mokhtari

make sure to change app debuggable to false in build.gradle file

https://i.stack.imgur.com/YivNa.png

Wondering why Android Studio doesn't show any kind of warning because of this...
j
jaseelder

Well, after a lot of screaming and shouting, including reaching out to Google Play Console support in chat (they're only first level support, so... not much help) and email (who put me in the too hard basket and said they can't offer support for app development - what? the problem is to do with uploading an app to Play Console, not app dev!), I discovered this self answered question https://stackoverflow.com/a/54359729/845205.

Basically, make sure you're doing a Clean & Rebuild Project whenever doing anything to do with signing in Android Studio. For some reason it thought my new app was using the key from my old app and kept signing with that. (I guess the solution was app development support after all!)

thank you, I had the same issue, just did project -> clean then I created a new signed bundle, uploaded it to the store and had no issues! Gradle cache is a weird thing.
what if the key we used lately different from the previous one? how to switch that one?
P
Pierre

"through the Build > Generate Signed Bundle / APK... menu item in Android Studio, so it is a brand new key, unused by other apps."

Not really. The keystore that Android Studio uses is associated with the Android SDK installation, so all the apps created from your Studio are signed with the same key.

What happened is that you must have created another app, signed it with that keystore, and uploaded it to the Play Console, thus making it a key used to sign APKs served to end users. At the same time, you created another app which you enrolled in Play Signing: for this app, the upload certificate is extracted from the first APK you upload. Since you signed that APK with Studio as well, the same keystore was used. Play detected that it was the same certificate for both those apps, and since you used the same key for two different purposes (app signing key for your first app, and upload key for your second app), Play rejected it. The reason is that an app signing key is much more important than an upload key (the latter can be reset while the first one can't), so you shouldn't use them for two different purposes.

In other words, you'll need to create a different keystore to sign your apps enrolled in Play Signing (ideally, one per app), and make sure you never use that keystore as an app signing key for another app.

"In other words, you'll need to create a different keystore to sign your apps enrolled in Play Signing (ideally, one per app), and make sure you never use that keystore as an app signing key for another app." That's what I meant by "I've even tried creating a whole new keystore with a new key in it, but always get the same error." Brand new keystore, brand new key, never even got close to another app. Still the same error.
I could be wrong, but I'm pretty sure the issue is on your end: you either didn't actually create a new keystore, or you didn't upload the APK that was signed with the new keystore. If you're convinced otherwise and think that there is a bug in the Play Console, I would suggest to reach out to their support (support.google.com/googleplay/android-developer/… -- they even have a chat line), where they can look into the particular case more in details.
I confirm that Pierre is right, it works by using a new key that it's not used by any other app. You can also create a new alias in the same keystore to avoid creating another key.
A
Amir Dora.

I hit this error in our apps. We use the same upload key for all of our apps.

So when you create a new app, make sure you select the option Use an existing key that you sign an app with instead of the (Google recommended) option which is to send them an unique upload key.

The really annoying part is that this option can only be selected once, so we had to delete our app and recreate it.

h
heiligbasil

The solution for me turned out to be a matter of changing the build variant.

To recap, when I tried to upload my signed .aab bundle file into the Google Play Console for developers, I received this error The Android App Bundle was not signed.

Keep in mind that this error is ambiguous and could be caused by a number of issues as visible in the other answers on this page. I had originally uploaded my app using the release build variant. Forgetting what variant I had used originally, I tried to upload the debug build variant and got this error.

My fix: Upload the same build variant as the original one. They must match!

What's the different between your debug and release variant? What cause your release variant doesn't work?
It's that Google is expecting the new version to replace the old one with the same variant. @BabyishTank
Thank you, that was also my problem. This error message is extremely misguiding. I sent a feedback to Google.
@Zwyx yes, I completely agree and if Google could be more descriptive in the error, it would make it so much faster to discover the source of our mistakes.
L
Lahiru Pradeep Ariyasinghe

The following solution worked for me. Add following two lines to your gradle file. 

    release {
        minifyEnabled false
        proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
        **signingConfig
        debuggable = false**
    }
E
Elio Lako

Try removing everything about the new app from console, then start by generating a new key and rebuilding the app with the new key. Then you can re upload the new apk.

D
Dimon

I have had the same problem, i solved it by removing my app and adding it again to play console.

s
sunilr

The other way this can happen is if you have a signingConfig set up in the app build.gradle. It doesn't seem to matter what you specify in the signing section when you're making a bundle - even if you make a new one or choose some other keystore - it will use the one specified in the gradle file.

Z
Zeeshan Ali

i also face this issue i add this line signingConfig signingConfigs.release in android > app> build.gradle > {buildType{release{ signingConfig signingConfigs.release }}}

M
Mike

In my case it was because I was choosing the debug folder instead of release folder in my project as the destination for the Android App Bundle.

I needed the App Bundle for internal testing so I guess that's why it came natural to me to choose it.

T
Takeya

i know this is an old issue but since i just hit this problem and my solution is not listed, i want to share it so it can help some future stackies.

My problem with signing the app was the entry testCoverageEnabled true which was inside the 

buildTypes{ release { ... }}

even though debuggable false was set, googles error message was Upload Failed The Android Bundle was not Signed or debuggable version was uploaded

setting the testCoverageEnabled flag to false fixed my issue.

Z
Zoe stands with Ukraine

Just create a new key, and it should upload.

Isn't that what OP already tried? They say I've even tried creating a whole new keystore with a new key in it, but always get the same error.
This is undesirable because it puts additional burden on the developer to manage keys and keystores.

关注公众号,不定期副业成功案例分享
Follow WeChat

Success story sharing

Want to stay one step ahead of the latest teleworks?

Subscribe Now

HuntsBot,a one-stop outsourcing task, remote job, product ideas sharing and subscription platform, which supports DingTalk, Lark, WeCom, Email and Telegram robot subscription. The platform will push outsourcing task requirements, remote work opportunities, product ideas to every subscribed user with timely, stable and reliable.

简体中文 English

Platform

Support

Links

Contact US

Any questions or suggestions during use, you can contact us in the following ways:

Email: huntsbot@xinbeitime.com

Copyright© 2022-2023 www.huntsbot.com 浙ICP备2022000860号-4 All Rights Reserved.