Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

AppGameKit Classic Chat / I am completely confused about app signing stuck for months

Author
Message
kocak
4
Years of Service
User Offline
Joined: 9th Nov 2019
Location:
Posted: 3rd May 2022 17:18
I am confused as on googleplay developper page it says Google will generate and protect an app signing key for your releases (upon research i found that this used to be optional and you could choose to sign a key your own but now its not optional) also on the export page in agk it says on the signing part : if you are submitting an App Bundle to the googleplaystore then this must be the upload key and on googleplay
On setup app integrity there is an app signing certificate section where i can download a sertificate but there is an app signing key certificate and an upload key sertificate am i supposed to download one of them and select that file for keystore file in exporting process?

edit: In googleplay console setup->app integrity the uploadkey certificate has the message:This is the public certificate for your private upload key. Use your upload key to sign each release so that Google knows updates are from you. Use the certificate below to register your upload key with API providers.
So if i am supposed to select the file obtained by download certificate button am i supposed to make the keystore password into one of the certificate fingerprints if so which one.
There is MD5 certificate fingerprint,SHA-1 certificate fingerprint, SHA-256 certificate fingerprint

So in summary i am completely lost regarding app signing and stuck in this part for months can someone please help me on this? Thank you all for your time in advance
Zaxxan
AGK Developer
3
Years of Service
User Offline
Joined: 17th Nov 2020
Location: England
Posted: 4th May 2022 20:53 Edited at: 4th May 2022 21:08
When I have uploaded my apps to the playstore I generate a key using the key generator in appgamekit. When I export the aab select the keystore file that was generated and enter the password that you used when generating the key file. Always use the same key when uploading newer app updates to the play store.
kocak
4
Years of Service
User Offline
Joined: 9th Nov 2019
Location:
Posted: 6th May 2022 16:11
This might not work for me because google now forces you to use its upload key like i stated above and agk says if you are submitting an App Bundle to the googleplaystore then this must be the upload key which makes me think i now have to download upload key from googleplaystore and select that file on export process instead of keystore
Zaxxan
AGK Developer
3
Years of Service
User Offline
Joined: 17th Nov 2020
Location: England
Posted: 7th May 2022 02:15 Edited at: 7th May 2022 08:14
I only uploaded a new game a few days ago and didn't have any issues so it must be a very recent change. Have you tried what I suggested or just assuming it won't work? I'll be uploading another game in a week or two so will check out what you mean.

If you generate a key using Appgamekit and try uploading it, Google will tell you if the key is valid or not.
kocak
4
Years of Service
User Offline
Joined: 9th Nov 2019
Location:
Posted: 7th May 2022 22:59
Zaxxan first of all thank you for your help. My situation was more than a few days ago because of this text in release page:
App integrity
Releases signed by Google Play
Google will generate and protect an app signing key for your releases

It used to be optional but they chance according to my research. And during export page of agk it says if you are submitting an App Bundle to the googleplaystore then this must be the upload key. And since on setup->app integrity->app signing has App signing key certificate and Upload key certificate part i am confused in the internet page i found that explains the key signing process very explicitly it said to download upload key and use it on somepart of android studio for keystore key or something i forgot.

But my main question to you that would solve all my problems is that can you update a game that has been submitted with your method after the above conditions existed. If its yes i can finish exporting and upload the game

Also since you uploaded games before i want to ask that to enter pre-registration i have to finish the first part of the production right? because start pre-registration button is unclickable despite me entering the nessesary information.(Note i dont plan to make any testing as i have done enough my own)
Zaxxan
AGK Developer
3
Years of Service
User Offline
Joined: 17th Nov 2020
Location: England
Posted: 8th May 2022 21:40
I have updated a game submitted to the play store using the method I described but you have to use the key that you used for the original version, this key must be used for all updates.
kocak
4
Years of Service
User Offline
Joined: 9th Nov 2019
Location:
Posted: 10th May 2022 19:45 Edited at: 10th May 2022 20:00
Oh, i actioally meant something different but i think this will show what i mean:
When i try to upload my app in production section i get this error:
Your Android App Bundle is signed with the wrong key. Ensure that your App Bundle is signed with the correct signing key and try again. Your App Bundle is expected to be signed with the certificate with fingerprint:
SHA1: ** Here is some values for fingerprint**
but the certificate used to sign the App Bundle you uploaded has fingerprint:
SHA1: ** Here is different values**

Edit:
When i try to download the certificate to use instead of keystore and enter the required key appgamekit gives me an error stating it could not sign it and tells me to check if my key and alias etc are correct
Zaxxan
AGK Developer
3
Years of Service
User Offline
Joined: 17th Nov 2020
Location: England
Posted: 10th May 2022 22:33
I have seen this error when I signed an update with the wrong key. Instead of using the key that was used for the first upload I created a new key and got the error message that you mention. I then used the first key and it then uploaded correctly. I've never downloaded a certificate so I will have a look at that.
Zappo
Valued Member
19
Years of Service
User Offline
Joined: 27th Oct 2004
Location: In the post
Posted: 10th May 2022 23:34
My thoughts are the same as Zaxxan. It sounds like you previously uploaded a bundle with one key, and are trying to upload an updated version with a different key. You must use the same key for all updates. Also ensure your version/build number increases for each version.

You can generate your first key using the built-in keygen tool in AGK. Then, when you go to publish it Google will add/replace it with their own key for better managed security at their end, but you still need to sign updated bundles with your original key before they will touch it.
kocak
4
Years of Service
User Offline
Joined: 9th Nov 2019
Location:
Posted: 11th May 2022 12:29 Edited at: 11th May 2022 12:34
No this is my first time uploading anything to googleplay. I think releases signed by googleplay setting might be causing an issue because agk signs it differently than their key maybe?
Edit: the key the googleplay asks for is written in setup->app integrity-> app signing page under the upload key certificate next to SHA-1 certificate fingerprint
Zappo
Valued Member
19
Years of Service
User Offline
Joined: 27th Oct 2004
Location: In the post
Posted: 11th May 2022 23:32
I've uploaded many apps to Google Play and I have only ever signed them with my own keys. I've never had to download a key from Google to sign an app - they look after that for you after you've uploaded it.

You do have to download keys with Apple's App Store to sign your app, but I never have with Google.
Zaxxan
AGK Developer
3
Years of Service
User Offline
Joined: 17th Nov 2020
Location: England
Posted: 12th May 2022 09:30
I'm the same as Zappo, only ever signed with my own keys. As previously mentioned though you must keep your key safe and use it every time you upload a new update.

Perhaps it might be a good idea to discard your current track and start a new one with a new package name and then use the same key to upload your updates.
kocak
4
Years of Service
User Offline
Joined: 9th Nov 2019
Location:
Posted: 12th May 2022 18:26
I am unsure if using googles upload key is still optional do you know how to generate the aab file using googles upload key. On exporting area there is a message that says on the signing part : if you are submitting an App Bundle to the googleplaystore then this must be the upload key and on googleplay
kocak
4
Years of Service
User Offline
Joined: 9th Nov 2019
Location:
Posted: 23rd May 2022 18:46
Ok i gave up trying to use googleplay uplaod key but i am stuck as when i try to change my app signing preferences i am unable to save without following some steps which has nothing to do with appgamekit what can i do? The options and tasks are like this:

Export and upload a key from Java keystore

Download the Play Encrypt Private Key (PEPK) tool. Download source code
Run the tool using the command below to export and encrypt your private key. Replace the arguments, and enter your keystore and key passwords when prompted.

$ java -jar pepk.jar --keystore=foo.keystore --alias=foo --output=output.zip --include-cert --encryptionkey=eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a

For increased security, create a new upload key (optional).
Show instructions
expand_more



Export and upload a key (not using Java Keystore)

Use this code (the code performs EC-P256+AES-GCM hybrid encryption) with the hex encoded public key (a 4-byte identity followed by a 64-byte P256 point) below to create your own tool exporting the encrypted private key.

eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a

For increased security, create a new upload key (optional).
Hide instructions
expand_less

Create a new upload key and use it to sign each release, instead of your app signing key. If you ever lose your upload key, or it's compromised, you can reset it to start using a new one.

Generate new upload key. Learn more
Export the upload key certificate as a PEM file using the following command. Replace the arguments in bold.

$ keytool -export -rfc -keystore upload-keystore.jks -alias upload -file upload_certificate.pem

Login to post a reply

Server time is: 2024-03-29 08:16:01
Your offset time is: 2024-03-29 08:16:01