Android app signing and deploying for new Google Play App Signing feature presented at Google I/O 2017
This post is to explain the steps included in app signing for all those Android Developers who already have an app in play store. And for those who are starting with a new app to deploy, you can refer here.
Before starting with the steps, I hope you have already created app in Play console, and released with alpha or beta releases. You are trying to release in production release with the new app signing process.
Signing process includes two keys, 1) app signing key 2) upload key.
Google will take care of app signing key, and you must secure the upload key.
We shall look into app signing process,
Step 01: Create new Signed apk for your app which requires,
1) Key store path: provide a path which creates .jks file
2) Password
3) Alias name
4) Password
5) Validity years
6) Other information
NOTE all the information provided for further reference.
2) Keep your .jks file ready and locate your app-release apk file
Step 02: Open your play console, go to app releases and opt for production release. Maintain incremental version code on every release of application and give release name and fill what’s new field.
Your android app’s build.gradle file will contain the information about keyPassword, path to storeFile, and storePassword. That’s it about the app signing process. Will look into upload key now,
Step 01: Go to app signing row under Release management column shown in above picture. Accept App signing TOS if haven’t accepted. You can look here for more information.
Step 02: Here is the major process, you can see this below picture,
Download pepk tool as told, keep ready with .jks file
Step 03: Open command prompt and type,
java -jar “PATH_TO_PEPK.JAR” — keystore=”PATH_TO_JKS_FILE” — alias=aliasName — output=”PATH_TO_OUTPUT_FILE” — encryptionkey=” GOOGLE_ENCRYPTION_KEY ”
- PATH_TO_PEPK.Jar = Path to the pepk.jar you downloaded in Step 2, could be something like
C:\Users\YourName\Downloads\pepk.jar
for Windows users. - PATH_TO_JKS_FILE/ PATH_TO_KEYSTORE = Path to keystore which you use to sign your release APK. Could be a file of type *.keystore or *.jks or without extension. Something like
C:\Android\mykeystore
orC:\Android\mykeystore.keystore
etc... - aliasName = The name of the alias you use to sign the release APK.
- PATH_TO_OUTPUT_FILE = The path of the output file with .pem extension, something like
C:\Android\private_key.pem
- GOOGLE_ENCRYPTION_KEY = This encryption key should be always the same. You can find it in the App Signing page, copy and paste it. Should be in this form:
eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a
Press Enter and you will need to provide:
- The keystore password
- The alias password
Keep ready with .pem file and upload on APP SIGNING PRIVATE KEY button
Step 04:Upload the private_key.pem file clicking the button identical to the image below
Step 05: Now create public keystore from android studio
Go for generate signed apk, create new, provide path to save .jks file with different name
Fill all the fields, note all the passwords, alias name
Keep ready with newly created .jks file, alias name, pem file(keep a copy of pem file at local folder)
Step 06: We need to extract the upload certificate from the newly created upload_key.jks
keystore. Open a terminal and type:
keytool -export -rfc -keystore “KEYSTORE_PATH” -alias “KEYSTORE_ALIAS” -file “PATH_TO_PEM_FILE”
- UPLOAD_KEYSTORE_PATH = The path of the upload keystore you just created. In this case was
C:\Android\upload_key.jks
. - UPLOAD_KEYSTORE_ALIAS = The new alias associated with the upload keystore. In this case was
upload
. - PATH_TO_OUTPUT_FILE = The path to the output file with .pem extension. Something like
C:\Android\upload_key_public_certificate.pem
Press Enter and you will need to provide the keystore password.
Now if everything has gone OK, you will have a file in the folder PATH_TO_OUTPUT_FILE called upload_key_public_certificate.pem
Upload this file on, UPLOAD PUBLIC KEY CERTIFICATE button
Click ENROLL!!!!! you are done with important step
Check if every options are checked with green. If everything is fine you are going to get publish option.
Publish and just Relax.
Simplified from the google source
Hit the Clap button to recommend this post and share it with your android developers. Thank you:)