如何启用 Google Play 应用签名

java -jar "C:UsersYourNameDownloadspepk.jar"--keystore=C:Androidmykeystore"--alias=myalias --output=C:Androidprivate_key.pem"--encryptionkey=eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9dea

按Enter，您需要按顺序提供:

1. 密钥库密码
2. 别名密码

如果一切顺利，您现在将在 PATH_TO_OUTPUT_FILE 文件夹中有一个名为 private_key.pem 的文件.

第 3 步:点击与下图相同的按钮上传 private_key.pem 文件

第 4 步:使用 Android Studio 创建一个新的密钥库文件.

您未来将需要此密钥库来签署您的应用程序，不要忘记密码

打开您的一个 Android 项目(随机选择一个).转到构建 ->生成签名的 APK 并按新建.

现在您应该填写必填字段.

密钥库路径代表您将创建的新密钥库，使用右侧的 3 点图标选择文件夹和名称，我选择 C:Androidupload_key.jks(.jks 扩展名会自动添加)

<块引用>

注意:我使用 upload 作为新的别名，但如果您之前使用具有不同别名的相同密钥库来签署不同的应用程序，您应该选择之前在原始密钥库中使用的相同别名.

完成后按 OK，现在您将拥有一个新的 upload_key.jks 密钥库.您现在可以关闭 Android Studio.

第 5 步:我们需要从新创建的 upload_key.jks 密钥库中提取上传证书.打开终端并输入:

keytool -export -rfc -keystore UPLOAD_KEYSTORE_PATH -alias UPLOAD_KEYSTORE_ALIAS-file PATH_TO_OUTPUT_FILE

传说:

• UPLOAD_KEYSTORE_PATH = 您刚刚创建的上传密钥库的路径.在这种情况下是 C:Androidupload_key.jks.
• UPLOAD_KEYSTORE_ALIAS = 与上传密钥库关联的新别名.在这种情况下是上传.
• PATH_TO_OUTPUT_FILE = 扩展名为 .pem 的输出文件的路径.C:Androidupload_key_public_certificate.pem 之类的东西.

例子:

keytool -export -rfc -keystore "C:Androidupload_key.jks"-别名上传-文件C:Androidupload_key_public_certificate.pem"

按 Enter 键，您需要提供密钥库密码.

现在，如果一切正常，您将在 PATH_TO_OUTPUT_FILE 文件夹中拥有一个名为 upload_key_public_certificate.pem 的文件.

第 6 步:上传 upload_key_public_certificate.pem 文件，点击与下图相同的按钮

第 7 步:点击应用签名页面末尾的 ENROLL 按钮.

现在每个新发布的 APK 都必须使用 upload_key.jks 密钥库和在第 4 步中创建的别名进行签名，然后才能上传到 Google Play 开发者控制台.

更多资源:

• 关于 Google Play 应用签名的 Google 文档
• 在您丢失上传密钥库时请求重置的表单

问答

问:当我上传使用新的 upload_key 密钥库签名的 APK 时，Google Play 显示如下错误:您上传了未签名的 APK.您需要创建一个签名的 APK.

答:在构建发布版 APK 时，检查以使用两个签名(V1 和 V2)对 APK 进行签名.阅读此处了解更多详情.

更新

第 4、5、6 步是创建上传密钥，对于现有应用程序是可选的

"上传密钥(现有应用程序可选):您在注册程序期间生成的新密钥.您将使用上传密钥对所有未来的 APK 进行签名，然后再将它们上传到 Play 管理中心."https://support.google.com/googleplay/android-developer/answer/7384423

I think a lot of developers are trying to learn more about the new Google Play App Signing feature presented at Google I/O 2017.

The ability to store the keystore to sign the apps inside Google Play save you the effort to safely store the keystore and can help the system to optimize the APKs served to every device, based on hardware and OS characteristics.

You can read more about this topic in the official documentation here : https://developer.android.com/studio/publish/app-signing.html#google-play-app-signing.

With the following answer, i will explain a bit better the steps you need to follow to upload your original keystore and how to create the new upload keystore, which you will need to sign your APK from this point onwards.

Before proceeding watch this Android Developers video to understand the implications of your App Signing enrollment choice: https://youtu.be/odv_1fxt9BI

This guide is oriented to developers who already have an application in the Play Store. If you are starting with a new app the process it's much easier and you can follow the guidelines of paragraph "New apps" from here

Prerequisites that 99% of developers already have :

1. Android Studio

2. JDK 8 and after installation you need to setup an environment variable in your user space to simplify terminal commands. In Windows x64 you need to add this : C:Program FilesJava{JDK_VERSION}in to the Path environment variable. (If you don't know how to do this you can read my guide to add a folder to the Windows 10 Path environment variable).

Step 0: Open Google Play developer console, then go to Release Management -> App Signing.

Accept the App Signing TOS.

Step 1: Download PEPK Tool clicking the button identical to the image below

Step 2: Open a terminal and type:

java -jar PATH_TO_PEPK --keystore=PATH_TO_KEYSTORE --alias=ALIAS_YOU_USE_TO_SIGN_APK --output=PATH_TO_OUTPUT_FILE --encryptionkey=GOOGLE_ENCRYPTION_KEY

Legend:

• PATH_TO_PEPK = Path to the pepk.jar you downloaded in Step 1, could be something like C:UsersYourNameDownloadspepk.jar for Windows users.
• PATH_TO_KEYSTORE = Path to keystore which you use to sign your release APK. Could be a file of type *.keystore or *.jks or without extension. Something like C:Androidmykeystore or C:Androidmykeystore.keystore etc...
• ALIAS_YOU_USE_TO_SIGN_APK = The name of the alias you use to sign the release APK.
• PATH_TO_OUTPUT_FILE = The path of the output file with .pem extension, something like C:Androidprivate_key.pem
• GOOGLE_ENCRYPTION_KEY = This encryption key should be always the same. You can find it in the App Signing page, copy and paste it. Should be in this form: eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a

Example:

java -jar "C:UsersYourNameDownloadspepk.jar" --keystore="C:Androidmykeystore" --alias=myalias --output="C:Androidprivate_key.pem" --encryptionkey=eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d2a529a2092761fb833b656cd48b9de6a

Press Enter and you will need to provide in order:

1. The keystore password
2. The alias password

If everything has gone OK, you now will have a file in PATH_TO_OUTPUT_FILE folder called private_key.pem.

Step 3: Upload the private_key.pem file clicking the button identical to the image below

Step 4: Create a new keystore file using Android Studio.

YOU WILL NEED THIS KEYSTORE IN THE FUTURE TO SIGN THE NEXT RELEASES OF YOUR APP, DON'T FORGET THE PASSWORDS

Open one of your Android projects (choose one at random). Go to Build -> Generate Signed APK and press Create new.

Now you should fill the required fields.

Key store path represent the new keystore you will create, choose a folder and a name using the 3 dots icon on the right, i choosed C:Androidupload_key.jks (.jks extension will be added automatically)

NOTE: I used upload as the new alias name but if you previously used the same keystore with different aliases to sign different apps, you should choose the same aliases name you had previously in the original keystore.

Press OK when finished, and now you will have a new upload_key.jks keystore. You can close Android Studio now.

Step 5: We need to extract the upload certificate from the newly created upload_key.jks keystore. Open a terminal and type:

keytool -export -rfc -keystore UPLOAD_KEYSTORE_PATH -alias UPLOAD_KEYSTORE_ALIAS -file PATH_TO_OUTPUT_FILE

Legend:

• UPLOAD_KEYSTORE_PATH = The path of the upload keystore you just created. In this case was C:Androidupload_key.jks.
• UPLOAD_KEYSTORE_ALIAS = The new alias associated with the upload keystore. In this case was upload.
• PATH_TO_OUTPUT_FILE = The path to the output file with .pem extension. Something like C:Androidupload_key_public_certificate.pem.

Example:

keytool -export -rfc -keystore "C:Androidupload_key.jks" -alias upload -file "C:Androidupload_key_public_certificate.pem"

Press Enter and you will need to provide the keystore password.

Now if everything has gone OK, you will have a file in the folder PATH_TO_OUTPUT_FILE called upload_key_public_certificate.pem.

Step 6: Upload the upload_key_public_certificate.pem file clicking the button identical to the image below

Step 7: Click ENROLL button at the end of the App Signing page.

Now every new release APK must be signed with the upload_key.jks keystore and aliases created in Step 4, prior to be uploaded in the Google Play Developer console.

More Resources:

• Google documentation on Google Play App Signing
• Form to request the reset of your upload keystore if you lose it

Q&A

Q: When i upload the APK signed with the new upload_key keystore, Google Play show an error like : You uploaded an unsigned APK. You need to create a signed APK.

A: Check to sign the APK with both signatures (V1 and V2) while building the release APK. Read here for more details.

UPDATED

The step 4,5,6 are to create upload key which is optional for existing apps

"Upload key (optional for existing apps): A new key you generate during your enrollment in the program. You will use the upload key to sign all future APKs prior to uploading them to the Play Console." https://support.google.com/googleplay/android-developer/answer/7384423

这篇关于如何启用 Google Play 应用签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！