How to import Google Play Console certificate from an existing Android app into eas credentials?

managed workflow / eas-cli/3.9.2 darwin-arm64 node-v16.17.0

I am having trouble importing the Android “Upload key certificate” certificate from an app that’s already published on the Play Store into my EAS credentials. Can someone please take a look the at steps I’ve taken and let me know if I’m missing anything or if I’m doing something wrong? Any help would be greatly appreciated!

The steps I took were:

  1. Download the “Upload key certificate” from Google Play Console (named “upload_cert.der”)
  2. Create a PKCS12 certificate from upload_cert.der using the following command:
    keytool -import -alias upload -keystore keystore.jks -file upload_cert.der -storepass "password"
  3. Import the “keystore.jks” to eas with the “eas credentials” command (Android → Production → Keystore → Set up new keystore)
  4. Build file with: eas build -p android

The command above gives the following error: “trusted certificate entries are not password-protected”

file in play console is just a public key, you can’t get keystore back from that. You need to have an orginal keystore that was used to sign the previous app.

If you lost it, you can contact play store support to reset your certificate. They will ask you to generate new keystore, export public key from the keystore and send it to them. Just to clarify, you will need keystore for singing, but you are only sending public key to support.

Oh, that makes sense! Thank you so much. I’ve been struggling with this for some days now.