Expo build:android failed in task :app:packageRelease

Hi guys,

so each time I try to build for Android I’m getting:

28 actionable tasks: 28 executed


FAILURE: Build failed with an exception.


* What went wrong:


Execution failed for task ':app:packageRelease'.


> com.android.ide.common.signing.KeytoolException: Failed to read key XYZ from store "/tmp/turtle/keystore-XYZ.jks": Get Key failed: Given final block not properly padded


* Try:


Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.


* Get more help at https://help.gradle.org


BUILD FAILED in 3m 45s

Error: ./gradlew exited with non-zero code: 1
    at ChildProcess.completionListener (/app/turtle/node_modules/@expo/xdl/node_modules/@expo/spawn-async/build/spawnAsync.js:52:23)
    at Object.onceWrapper (events.js:317:30)
    at emitTwo (events.js:126:13)
    at ChildProcess.emit (events.js:214:7)
    at maybeClose (internal/child_process.js:915:16)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:209:5)
    at spawnAsync (/app/turtle/node_modules/@expo/xdl/node_modules/@expo/spawn-async/build/spawnAsync.js:17:21)
    at spawnAsyncThrowError (/app/turtle/node_modules/@expo/xdl/build/detach/ExponentTools.js:169:43)
    at buildShellAppAsync (/app/turtle/node_modules/@expo/xdl/build/detach/AndroidShellApp.js:697:11)
    at <anonymous>

Any ideas on how to fix it? Or what’s going on?

1 Like

Hey! Sorry you’re having trouble building

Could you run expo diagnostics and paste the output here? Also, go ahead and link me the buildID for that failed build (or any similar one)

I’m also running into this error, only at a slightly different task:

Execution failed for task ':app:packageProdKernelRelease'.

I’ve doublechecked that the keystore file, alias, keystore password, and key password are all correct.

Here are my diagnostics:

  Expo CLI 3.0.6 environment info:
      OS: macOS 10.14.6
      Shell: 3.2.57 - /bin/bash
      Node: 8.14.0 - /usr/local/bin/node
      npm: 6.10.2 - /usr/local/bin/npm
      Android Studio: 3.3 AI-182.5107.16.33.5264788
      Xcode: 10.3/10G8 - /usr/bin/xcodebuild
      @storybook/react-native: ^4.1.14 => 4.1.18
      expo: ^33.0.0 => 33.0.7
      react: 16.8.3 => 16.8.3
      react-native: https://github.com/expo/react-native/archive/sdk-33.0.0.tar.gz => 0.59.8
      react-navigation: ^2.9.3 => 2.18.3
      expo-cli: 3.0.6

My build ID is 57318154-13e7-49d7-aadd-13ec4fbab99e

Sure, here are the results:

Expo CLI 3.0.6 environment info:
      OS: macOS Sierra 10.12.6
      Shell: 3.2.57 - /bin/bash
      Node: 10.16.0 - /usr/local/bin/node
      Yarn: 1.17.3 - /usr/local/bin/yarn
      npm: 6.9.0 - /usr/local/bin/npm
      Watchman: 4.9.0 - /usr/local/bin/watchman
      Android Studio: 3.0 AI-171.4443003
      Xcode: 8.3.3/8E3004b - /usr/bin/xcodebuild
      expo: ^33.0.0 => 33.0.7 
      react: 16.8.3 => 16.8.3 
      react-native: https://github.com/expo/react-native/archive/sdk-33.0.0.tar.gz => 0.59.8 
      react-navigation: ~2.3.1 => 2.3.1 
      expo-cli: 3.0.6

Happened the same with expo-cli 3.0.4

Also here is the build id: 4cfb4fab-69ca-4a12-b332-7b19feee8f8c

@charliecruzan also noticed that it seems to be related with the project, tried changing the project name and the build was successful.

Is it something related with credentials/keystore maybe?

@thomascdaly I’ve seen that exact error message before and it was a credentials issue. If you haven’t uploaded any previous versions to the store yet, just run the build command with -c flag which will clear credentials and generate new ones. You can also run expo fetch:android:keystore and verify whether those credentials are valid for the keystore.

@thomascdaly yours looks to be keystore related as well,

Execution failed for task ':app:packageRelease'.

> com.android.ide.common.signing.KeytoolException:

So same questions/suggestions to you as above

Hey @charliecruzan, the command I ran is expo build:android --clear-credentials --no-publish --type app-bundle and entered in the path to the keystore I wanted to use with the associated passwords and alias. My understanding is that this will clear the existing keystore, upload a new keystore, and build an android bundle signed with the specified keystore.

after the build failed, I fetched the keystore that was in on expo’s servers, and it was not the one that I uploaded.

Let me know if I can help debug any further!

What happens if I already published my app, what alternatives should I try?


Cross posting from https://forums.expo.dev/t/build-android-failed-in-task-packagerelease-attempting-to-build-64-bit-bundle-using-new-keys-generated-by-expo-opt-in-google-play-signing-process

This was such a stupid process. We went through the whole expo opt-in-google-play-signing process and thankfully we thought to hang onto the .jks.bak file and the details that Expo spat out when opting into Google Play signing. Expo suggested that it should delete the cert from their servers given that I’d confirmed that Google Play signing was turned on.

Then we ran into the exact issue above. Builds were failing because Expo couldn’t find the cert. Derp. So we ran expo build:android --clear-credentials -t app-bundle just to get builds working again. We let Expo generate its own cert because we didn’t think it mattered. When we tried to push this to Google Play we got the error:

[!] Google Api Error: apkNotificationMessageKeyBundleSignedWithWrongKey: The Android App Bundle was signed with the wrong key. Found: SHA1: 43:4A:06:DB:…, expected: SHA1: CA:94:83:B8:…

So we ran keytool -list -v -keystore app_sign.jks.bak -alias QGNoYXJnZWZ to check the fingerprint of the .jks.bak file that Expo spat out. Lo and behold it’s the exact cert that we still need to be signing our builds with.

So we ran another build with --clear-credentials and uploaded that cert back to Expo’s servers and everything works again now.

Hang onto that backup keystore!

@thomascdaly take a look at these docs, I’m thinking that some step might have been missed at some point

@charliecruzan I have a .jks which I would like to use to sign the bundle (the same one we’ve been using all along for previous builds), expo build:android --clear-credentials --no-publish --type app-bundle fails to upload and sign using the .jks I specify.

I read the doc you posted, but don’t see anything I might have missed. Can you confirm that the command I listed should upload the specified .jks and sign the app bundle? I’ve double checked that the .jks is valid and that the credentials I enter when prompted are correct.

Thanks in advance!

1 Like

Just bumping this - still running into an issue. @charliecruzan let me know if my understanding of how this process should work is correct.

Yes, you are correct. Can you provide a link to one of those builds?

Error posted by the original author of this topic was caused by opt-in-google-play-signing, did you used this command too?
When you clear credentials does keystore stay the same or is it a new one (expo fetch:android:hashes)?
What version of expo-cli are you using?

@wkozyra this was not caused by running opt-in-google-play-signing - our app was already enabled for Google Play signing prior to trying to build an app bundle.

Expo version 3.0.9

The hashes before and after a failed build are the same.

Here’s a failed build from just now https://expo.io/builds/7f007d23-88ce-47ac-8092-6cb06c519fab

Can you run keytool -list -keystore keystore.jks on keystore you want to use and on the one on expo servers.
What is the Keystore type (should be jks)?
Are Certificate fingerprints matching ones on app signing page in google play console?


Keystore type: PKCS12, however it is a .jks file.

The certificate fingerprint matches the upload certificate fingerprint on the google play console.

Are you talking about keystore currently present on expo server or the one you want to upload? What about the other one?

This keystore is in pkcs format (.p12 file) it’s just named incorrectly. To convert it back to jks follow those instructions build:android failed in task :app:packageRelease (attempting to build 64-bit bundle using new keys generated by `expo opt-in-google-play-signing` process)

EDIT: fixed wrong link, thanks @vna

1 Like

@thomascdaly: I think @wkozyra meant these instructions: build:android failed in task :app:packageRelease (attempting to build 64-bit bundle using new keys generated by `expo opt-in-google-play-signing` process)

@wkozyra @vna Thanks for the help! Converting from p12 to jks did the trick:

keytool -importkeystore -srckeystore [MY_FILE.p12] -srcstoretype pkcs12
 -srcalias [ALIAS_SRC] -destkeystore [MY_KEYSTORE.jks]
 -deststoretype jks -deststorepass [PASSWORD_JKS]  -destkeypass [PASSWORD_KEY] -destalias [ALIAS_DEST]

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.