Though the Android docs suggest that you need to use Android Studio to generate your signing keys, this is not the case. All you need is the
keytool command, which you already have if you have Java installed.
You need two signing keys for uploading to Google Play. The first is the
Upload Key. This is used to sign the
.aab bundle to confirm to Google Play that the developer has permission to upload it. Google Play then takes this
.aab file and generates
.apk installer files for many different device types. It uses the
Release Key to sign these
Generating the keys
First, generate the upload key. This will also create the keystore.
keytool -genkeypair -v -keystore my-app.keystore -alias upload -keyalg RSA -keysize 2048 -validity 10000 -storetype jks
You will be prompted for the new keystore password. Make sure to save this and all the passwords somewhere safe. You will then be asked for personal / company details, which will be associated with the key. You can skip all of these fields, and then type “yes”. Finally, you will be asked for a password for the upload key. I recommend using a different password to the keystore here.
Now we can create the release key, which can do in the same keystore. The command is the same, except the
alias has changed to
keytool -genkeypair -v -keystore my-app.keystore -alias release -keyalg RSA -keysize 2048 -validity 10000 -storetype jks
Again, I recommend using a unique password here, different to the keystore and upload keys.
That’s it! You now have both of your keys in one keystore. It is safe to put this keystore into your git repository, but keep the passwords separate and secure.