GooglePlay - wrong signing key for app bundle

Question

I\'ve just now started using app bundles. I\'ve set the two certificates in the App signing section of the dashboard (signing certificate and upload certificate

Answer 1

After a little bit of searching, I found that I accidentally had testCoverageEnabled true in my release build type.

release {
    testCoverageEnabled true
    ...
}

This will make the APK / App Bundle debuggable, and Google Play Console will consider it's not signed. Removing this resolved the issue.

Answer 2

In my case the issue was Android App bundle, I had forgotten to increment the versionCode for the project and it was not showing that error on the console. Instead, it was showing the error related to certificate SHA.

Answer 3

I see there are an answer but in my case I forgot to remove

debuggable = true

from app build.gradle

Answer 4

The solution was a very basic one. I had to clean my project and then rebuild it.

Android Studio was signing my app bundle with the old certificate i was using.

What I did previously is go to Build -> Generate Signed Bundle / APK and i changed the jks file in the file selector to the new upload jks. It seems Android Studio caches the old certificate path and uses it even though I've selected a new one. Might be a bug in AS.

So yeah ... now if I clean the project every time i change the jks file it works, the apk or app bundle gets signed with the proper certificate...

Answer 5

I tried using the multiple answers here & in this question, but somehow I was getting this error because I had some issues with my android/app/build.gradle and android/gradle.properties files.

Two things you should check (in addition to the other solutions here) are:

1. In android/gradle.properties and android/app/build.gradle, make sure your keystore variables match exactly.
   • In android/gradle.properties, you probably have something like this:

     MYAPP_RELEASE_STORE_FILE=<>
     MYAPP_RELEASE_KEY_ALIAS=<>
     MYAPP_RELEASE_STORE_PASSWORD=<>
     MYAPP_RELEASE_KEY_PASSWORD=<>
     

   • Make sure these variable names exactly match those in android/app/build.gradle:

     android {
         ...
         signingConfigs {
             release {
                 if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
                     storeFile file(MYAPP_RELEASE_STORE_FILE)
                     storePassword MYAPP_RELEASE_STORE_PASSWORD
                     keyAlias MYAPP_RELEASE_KEY_ALIAS
                     keyPassword MYAPP_RELEASE_KEY_PASSWORD
                 }
             }
         }
     }
     

2. In android/app/build.gradle, make sure you set signingConfig to signingConfigs.release in your release buildTypes:

   android {
       ...
       buildTypes {
           debug ...
           release {
               signingConfig signingConfigs.release
           }
       }
   }
   

Note: If you're doing react-native development and found yourself here, make sure you follow all steps on "Publishing to Google Play Store". I thought I could skip a few steps without causing problems, and that led to hours of debugging

Answer 6

App bundles are just signed using the same format as jarsigner. So you can check the cert hash of your app bundle signature yourself. For example, on linux:

zipinfo -1 ${APK?} \
    | grep -E "META-INF/.*(RSA|DSA|EC)$" \
    | xargs -I{} unzip -p ${APK?} {} \
    | keytool -printcert

If the output from this shows a signature that does match the correct signing key, then there is a bug in Play store, and you should escalate to Play Console support. This is available on the help menu on the Play Console.

On the other hand, if the certificate doesn't match, then even though you think you are signing with the right keystore/key you are doing something wrong, and the app bundle is not signed with the correct upload certificate.