Exporting to Android: signing an aab for release (solved)

anon95708182 · October 6, 2021, 5:31pm

Hi all,

I would like to ask my fellow app-creators how they go about signing their aabs for release.
My understanding of the process suggested in Google’s instructions is:

create one upload keystore that holds upload keys for each of your apps.
give upload keys and keystore different passwords.

I use the latest version of Defold (1.2.186).
When I create an aab for release from within the editor , this is the situation:

Unless keystore and key share the same password, bundling does not finish.
There is no option to choose a specific key held in the keystore file.

So, what do you folks do when you upload several apps:

create a new keystore for each app, that holds only the one key for this app?
use the same keystore and key for all of your apps?
do something else?
did I misunderstand the signing process?

I have never uploaded an app before and would be very grateful for your advice.

Thanks a lot in advance

Brigitte

britzl · September 9, 2021, 1:18pm

This is something we should fix. Task can be found here:

github.com/defold/defold

Add separate Android keystore password option to bob and the editor

opened 10:54PM - 09 Mar 21 UTC

britzl

feature request editor bob android

**Is your feature request related to a problem? Please describe (REQUIRED):** T…he Android keystore can use a different password from the password of the individual keys. This needs to be supported by bob and the editor. **Describe the solution you'd like (REQUIRED):** Bob must have an additional option to specify the keystore password and the key password **Describe alternatives you've considered (REQUIRED):** Make sure they are using the same password **Additional context (OPTIONAL):** https://forum.defold.com/t/android-keystore-file-and-alias-inside-it-should-have-the-same-passwords/67698?u=britzl

anon95708182 · September 9, 2021, 3:38pm

Hello @britzl,

thank you very much for your reply and the link!

I had found this task already while pondering about Google’s new signing procedure and read that there will be a fix.

Maybe I should have formulated my question a bit better - sorry about that:
I wanted to find out how folks here sign their apps in the meantime, while they cannot target a specific key in the keystore. Is it ok to use the same key for all apps or would it be better to create a new keystore and key for each app?

You see, I never published an app before, want to avoid mistakes and am a bit nervous.

Anyway - thanks again for your reply.

Many greetings and have a nice evening

Brigitte

britzl · September 9, 2021, 8:00pm

Sorry about that. I didn’t really answer your question!

I would personally use the same keystore and key for each app.

Although I see now that the Play App Signing is required for all new apps after August 2021. I have not used this feature myself so I can’t give much advice.

anon95708182 · September 10, 2021, 9:05am

Good morning @britzl!

Oh yes, you did give me valuable advice that helped me a lot - thank you very much indeed!
I will now confidently upload my two apps and pester my testers with them. They cannot wait

Have a lovely Friday

Brigitte

britzl · September 15, 2021, 6:34am

I started looking into this only to find that it is no longer possible to use a different keystore password and keystore key password due to an issue in recent versions of the JDK. This is also affecting Android Studio: Android Studio release notes | Android Developers

anon95708182 · September 15, 2021, 2:30pm

Thanks @britzl!

anon95708182 · September 16, 2021, 8:03am

Hello all,

just some info that people who want to create their release keystore and key using Android Studio might find useful.

Google’s instructions still advise you to use different passwords for key and keystore.
Now, as @britzl found out, both must have the same password.
This is the case since Android Studio Version 4.2 (please see the links @britzl provided).

So I downloaded this version and used a template to try it out:

Android Studio 4.1: a keystore and key with different passwords are created without error and the the template builds successfully.
Android Studio 4.2 will now give you an error message:

After clicking ok, you’ll see this:

I had clicked the link in the manual to Google’s instructions and followed their advice to use different passwords. Since I used Android Studio 4.1, keystore and key were created without error message. So it did not occur to me to look for ‘known issues’ (@britzl did and found the links above). When the build failed in Defold, I was puzzled and started this topic. Had Google updated their instructions page, I would not have pestered you. @britzl, sorry for the extra work and thanks again for your help!

Cheers

Brigitte

britzl · September 16, 2021, 8:16am

Thank you for sharing your investigation!

Don’t worry. It was useful for us!

AarrrBee · September 21, 2021, 2:37pm

That issue was marked “won’t fix” in 2013 so it doesn’t seem recent.

I understand that Android Studio no longer supports different key/keystore passwords, but does that mean that Defold/Bob can’t?

Right now, I cancel the Bob build when the unsigned APK has been generated, and sign it manually with jarsigner… can that be automated?

britzl · September 21, 2021, 2:40pm

True, we probably could do this.

AarrrBee · September 21, 2021, 2:57pm

That would be helpful - we already have a keystore registered with Google Play that has different passwords, and I have to do the Android builds manually.

anon95708182 · September 21, 2021, 4:26pm

“Automated”, if this were possible, it would be superb!