Up till now, I’ve gotten my app in the Android Play store through the following process:
- meteor build… (this generates an .apk)
- (once) keytool -genkey -alias…
- jarsigner -verbose -sigalg SHA1withRSA…
- /Library/Android/sdk/build-tools/28.0.2/zipalign 4…
Now, meteor build no longer generates an .apk. It generates an .aab. By slightly changing commands 3 and 4, above, I manage to get what appears to be a signed and zipped .aab.
Uploading this to the Play Store, I get this:
To upload an Android App Bundle you must be enrolled in Play app signing.
Opting in, I am given three options:
- Export and upload a key from Android Studio
- Export and upload a key from Java keystore
- Export and upload a key (not using Java keystore)
For each, I’m at a loss as to how to proceed. The very succinct instructions Google offers do not help me to move forward.
I have found I can have my build generate an .apk with this flag: --packageType=apk
Uploading the resulting .apk to the Play Store gets me this:
You uploaded an APK with an invalid signature (learn more about signing). Error from apksigner: ERROR: MIN_SIG_SCHEME_FOR_TARGET_SDK_NOT_MET: Target SDK version 30 requires a minimum of signature scheme v2; the APK is not signed with this or a later signature scheme
The instructions (under ‘learn more about signing’) all rely on using Android Studio to move forward. However, my app is not ‘in’ Android Studio.
What should I do next?
Hi @MastaBaba
You have to use Google Play Console to enable play app signing. Google play will generate a Keystore for you and manage all the signing processes. You don’t have to pre-sign your aab, you just need to upload the unsigned aab after enabling it in the web interface
Thanks @renanccastro,
Also when I don’t attempt to sign the .aab, I get presented with the three options I mention above. It is not clear to me for any of these how I need to proceed. The instructions that come with each do not provide the clarity I need to move forward.
Would you perhaps be able to point me to a walkthrough on what steps I need to take, next?
Thanks again.
I think this link might help you:
Thanks. That’s an interesting how-to. Buuuut, it doesn’t address one of the three options I’m faced with (the how-to talks about exporting a keystore from thunkable, which doesn’t apply to my case.)
Of the options Google gives me, I suspect I need to go with option 2, which tells me I need to execute this:
$ java -jar pepk.jar --keystore=foo.keystore --alias=foo --output=encrypted_private_key_path --encryptionkey={key}
The alias I know. It’s what I used with the initial keytool command.
I do not know what I should put for foo.keystore. Just {my-alias}.keystore?
I also do not know what I should put for encrypted_private_key_path. How do I figure that out?
@MastaBaba, you can follow this steps, the steps are using Mac OS:
- Open the build in Android Studio
- From the Android menu select Build > Generate Signed Bundle / APK…
- Select Android App Bundle and click Next
- Add your keystore details and at the bottom you should have the option
Export encrypted key for enrolling published apps in Google Play App Signing - Check this and select your destination folder, Click next
- Select your Build variant and click on Finish
- In Google Play Console select
Export and upload a key from Android Studio upload the encrypted key from the destination folder. The name should be private_key.pepk
You should be able to publish the .abb in Play Store
Thanks @cmboros, that looks like a useful guide.
I have never used Android Studio to get my apps in the Play Store, though. I just tried both meteor run android and meteor run android-device, assuming they are similar to meteor run ios-device, which I do use to get my app in the App Store, but though my meteor build works fine, and generates an .aab, neither of the meteor run android nor meteor run android-device work for me.
Specifically, I get the following spaghetti:
✗ Android target: Command failed with exit code 1: avdmanager list target
Exception in thread “main” java.lang.NoClassDefFoundError: javax/xml/bind/annotation/XmlSchema
at com.android.repository.api.SchemaModule$SchemaModuleVersion.(SchemaModule.java:156)
at com.android.repository.api.SchemaModule.(SchemaModule.java:75)
at com.android.sdklib.repository.AndroidSdkHandler.(AndroidSdkHandler.java:81)
at com.android.sdklib.tool.AvdManagerCli.run(AvdManagerCli.java:213)
at com.android.sdklib.tool.AvdManagerCli.main(AvdManagerCli.java:200)
Caused by: java.lang.ClassNotFoundException: javax.xml.bind.annotation.XmlSchema
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:641)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:520)
… 5 more
Any thoughts on this new challenge would be appreciated 
I have found that, using Android Studio, I can ‘just’ open the build which is created with meteor build. Huzzah!
Then, generating the ‘signed bundle or APK’, I need to fill in details of my existing key, which requires specifying the ‘Key store path’.
I have created my key like so (as per some other tutorial):
keytool -genkey -alias {{myalias}} -keyalg RSA -keysize 2048 -validity 10000
Note, I have not included a filename in this.
How do I figure out where my keystone file is, so that I can specify it in Android Studio?
Turns out my keystore was a hidden file, named .keystore, in my home folder.
Now, following @cmboros’s steps gave me a file, private_key.pepk, which I was able to upload, which then saw Google give me two certificates, deployment_cert.der and upload_cert.der.
Now, Google tells me there’s an error with my release:
This release does not add or remove any app bundles.
I started this process with uploading my .aab, but, on checking its existence, found it was no longer there.
Re-uploading the same .aab now gets me this:
The Android App Bundle was not signed.
Didn’t I just jump through the hoops exactly to get it signed by Apple?
I then tried signing the .aab in the way I had been doing with earlier builds:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 app-release.aab {{myalias}}
The, now signed, app-release.aab was now accepted by Google, and I managed to get it accepted as a new release for testing.
Thanks @renanccastro, @cmboros.