[SOLVED] app bundle/apk is not signed with the upload certificate

Expo Development Tools
1

Hello,

upload-fail
upload-fail956×279 21.9 KB

I come from expo eject, before I already uploaded a .aab file from expo build:android -t app-bundle when I was still using expo SDK.

I used expo fetch:android:keystore to get the .jks file

keytool -list -v -keystore key.jks gives the same Certificate fingerprints than the Upload certificate on the Play Store Console under Release Management → App signing → Upload certificate

Therefore I guess it’s not a problem with the .jks file

/android/app/gradle.properties:

android.useAndroidX=true
android.enableJetifier=true

MYAPP_UPLOAD_STORE_FILE=key.jks
MYAPP_UPLOAD_KEY_ALIAS=QGJpZGV0YWdnbGUva2lzc2NoYXQtcHJvdWRjaGF0
MYAPP_UPLOAD_STORE_PASSWORD=*****
MYAPP_UPLOAD_KEY_PASSWORD=*****

org.gradle.daemon=true
org.gradle.parallel=true
org.gradle.jvmargs=-Xmx2560m

/android/app/build.gradle:

    signingConfigs {
    /*
        debug {
            storeFile file('debug.keystore')
            storePassword 'android'
            keyAlias 'androiddebugkey'
            keyPassword 'android'
        }
    */
        release {
            if (project.hasProperty('MYAPP_UPLOAD_STORE_FILE')) {
                storeFile file(MYAPP_UPLOAD_STORE_FILE)
                storePassword MYAPP_UPLOAD_STORE_PASSWORD
                keyAlias MYAPP_UPLOAD_KEY_ALIAS
                keyPassword MYAPP_UPLOAD_KEY_PASSWORD
            }
        }
    }

I didn’t notice any change during ./gradlew bundleRelease when I purposely put wrong passwords in gradle.properties, does it really sign something?

Is there a way to see the signature on the .aab file with linux?

3

If you specify wrong password build should fail, so most likely that if statement returns false.

I’m not sure if you can use gradle.properties the way you are using. I think you need to put sth like

org.gradle.project.MYAPP_UPLOAD_STORE_FILE=key.jks

use print statements to make sure that return value of hasProperty and all the values are correct

4

Okay, I added a print statement as below and it goes through the if statement, no need to change anything in gradle.properties.

I found the solution somewhere else in build.gradle:
I had to change the line signingConfig signingConfigs.debug to signingConfig signingConfigs.release in

    signingConfigs {
    /*
        debug {
            storeFile file('debug.keystore')
            storePassword 'android'
            keyAlias 'androiddebugkey'
            keyPassword 'android'
        }
    */
        release {
            if (project.hasProperty('MYAPP_UPLOAD_STORE_FILE')) {
                println "MYAPP_UPLOAD_STORE_FILE property found"
                storeFile file(MYAPP_UPLOAD_STORE_FILE)
                storePassword MYAPP_UPLOAD_STORE_PASSWORD
                keyAlias MYAPP_UPLOAD_KEY_ALIAS
                keyPassword MYAPP_UPLOAD_KEY_PASSWORD
            }
            else{
                println "no MYAPP_UPLOAD_STORE_FILE"
            }
        }
    }
    buildTypes {
        debug {
            signingConfig signingConfigs.debug
        }
        release {
            // Caution! In production, you need to generate your own keystore file.
            // see https://facebook.github.io/react-native/docs/signed-apk-android.
            signingConfig signingConfigs.debug  // <- [SOLUTION HERE] replace debug by release
            minifyEnabled enableProguardInReleaseBuilds
            proguardFiles getDefaultProguardFile("proguard-android.txt"), "proguard-rules.pro"
        }
    }

Thanks for your help