1

Background:

I let Google Play Store manage my key singing. Therefore, when creating a signed bundle in Andriod Studio I have to use the key I gave over to Google. Otherwise, when uploading the .aab Google notifies me, that the "App Bundle is signed with the wrong key". So I had to:

keytool -list -v -keystore keystorefile.jks

through all the keystore files to find the key I inititially gave over to Google.

Now following issue aroused:

When generating the signed bundle in Andriod Studio with the key that had the right signature. Andriod Studio was giving me following error message

trusted certificate entries are not password-protected

I learned here that the issue may be that the entry of the key I am using is not PrivateKeyEntry but trustedCertEntry. So I checked the entry of the key by using again the above keytool command. And yes, my key entry is trustedCertEntry.

OK, in the meantime I understood: you cannot turn a trustedCertEntry into a PrivateKeyEntry. You have to find the key with the PrivateKeyEntry - the private key.

Therefore I kept searching all my keystore with the keytool command above to finally find the one private key that has the right signature.

No further questions from my side. Back up your keys!

Laurel
  • 5,965
  • 14
  • 31
  • 57
Joachim
  • 67
  • 1
  • 6
  • I would export certificate and private key to a new file, e.g. a PKCS#12 file and then build a new keystore file, importing the exported data. I don't know the keytool commands as I prefer UI based tools for such operations https://keystore-explorer.org – Robert Aug 04 '21 at 16:20
  • Thanks Robert tried it with the tool, too. Problem with entry being trustedCertEntry is that there is no private key. – Joachim Aug 05 '21 at 12:58

0 Answers0