Android Question Google Play Console and Updating old APK with App Bundle with Wrong Keys

[Azhar]

Hi

I apologise as this topic has been beaten to death but my problem I cannot resolve.

I have several apps written ages ago that I keep updated. Initially, I opted for Google to manage app signing etc.
All my apps were uploaded without any Private Sign Key and all as APK's - not App Bundles.

I have to update the APK apps to meet Google's new Target SDK etc. But as you all know, Google will not allow APK's to be uploaded, only App Bundles and they must be Privately Signed.

So I have generated a new Private Sign Key for the app release that needs to be updated in the Play Store, then compiled as an App Bundle.
Upon trying to upload into the Google Play Console I get the typical error stating my App Bundle was signed with a different certificate.

I can see the two public certificates which Google hold for my app on their server:

App signing key certificate
Upload key certificate

I'm totally confused. How do I get around submitting my release as a signed app bundle where the new key matches the old existing one which Google expects from the time long ago when I initially uploaded as Google managed APK's?

 

[mcqueccu]

Do you have your old keystore?

 

[Azhar]

Do you have your old keystore?

Hi,

I never signed my APK's when I originally uploaded them.
I think I'm doomed in this case

 

[Erel]

There is no such thing. All builds are signed.

If you haven't done anything then you have used the debug key to sign. Not recommended but you can continue to use that key.

 

[Azhar]

There is no such thing. All builds are signed.

If you haven't done anything then you have used the debug key to sign. Not recommended but you can continue to use that key.

Hi Erel,

The compiler fails when trying to compile the project as an App Bundle under Release +/- Obfuscated mode when selecting 'Use debug key' in the Tools>Private Sign Key

ObfuscatorMap.txt file created in Objects folder.
Compiling layouts code. (0.01s)
Organizing libraries. (0.00s)
(AndroidX SDK)
Compiling resources (0.08s)
Linking resources (0.28s)
Compiling generated Java code. (1.17s)
Finding libraries that need to be dexed. (0.00s)
Dex code (1.22s)
Dex merge (1.49s)
Copying libraries resources (0.46s)
Building app bundle (0.77s)
Signing AAB file Error
Private signing key not set

... However, I noticed the compiler did actually create the result.aab file. Upon uploading that into Google Play Console it rejected it as 'The Android App Bundle was not Signed'

 

[Erel]

Upload the APK instead of the AAB file.

Another option is to use the debug key as your private key. But the first option is simpler and the result will be the same.

Do note that the debug key is public and there is a risk here.