Why This is Needed

• Every Android app on Play Store is signed with a signing key.
• If your team loses the upload key (used to sign and upload updates), you cannot release new versions.
• Since your app is enrolled in Play App Signing (Google manages the actual signing key), you only need to reset the upload key.

---

Step 1: Generate a New Upload Key

On the development machine (Windows, macOS, or Linux):

1. Open Terminal/PowerShell.
2. Run this command (replace passwords with your secure values):

keytool -genkey -v -keystore converter-pro-key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias upload

• converter-pro-key.jks → name of your keystore file (save securely).
• alias upload → key alias (you can choose another, but note it).
• -validity 10000 → key valid for ~27 years.

👉 This creates a new keystore (.jks) file. Keep it safe and backed up.

---

Step 2: Export the Public Certificate (.pem)

From the same folder, run:

keytool -exportcert -rfc -keystore converter-pro-key.jks -alias upload -file upload_converter_certificate.pem

• Enter your keystore password when prompted.
• This generates a PEM certificate file → upload_converter_certificate.pem.

⚠️ Important: You will send only this .pem file to Google, not the .jks.

---

Step 3: Request Upload Key Reset in Play Console

1. Go to Google Play Console.
2. Select your app.
3. Navigate to: Release → Setup → App integrity
4. Scroll down to Upload key certificate.
5. At the bottom, click:
   👉 Request upload key reset.

This opens a Google Play support form.

---

Step 4: Submit the Support Request

In the form:

• Select your app package (e.g., com.company.app).
• Reason: “Lost old upload key, need to reset with a new one.”
• Attach your upload_converter_certificate.pem.
• Submit.

Google usually replies within 24–48 hours.

---

Step 5: Wait for Confirmation

• You’ll receive an email confirmation once your new upload key is activated.
• After that, you must sign all future APK/AAB uploads with your new keystore (converter-pro-key.jks).

---

Step 6: Update Build Configuration

For Gradle (Native Android Apps)

In gradle.properties (secure storage):

KEYSTORE_FILE=C:\\path\\to\\converter-pro-key.jks
KEY_ALIAS=upload
KEYSTORE_PASSWORD=your_store_password
KEY_PASSWORD=your_key_password

In app/build.gradle:

android {
    signingConfigs {
        release {
            storeFile file(KEYSTORE_FILE)
            storePassword KEYSTORE_PASSWORD
            keyAlias KEY_ALIAS
            keyPassword KEY_PASSWORD
        }
    }
    buildTypes {
        release {
            signingConfig signingConfigs.release
        }
    }
}

---

For Flutter Apps

1. Create a file key.properties in your Android folder: storePassword=your_store_password keyPassword=your_key_password keyAlias=upload storeFile=C:\\path\\to\\converter-pro-key.jks
2. Update android/app/build.gradle: def keystoreProperties = new Properties() def keystorePropertiesFile = rootProject.file("key.properties") if (keystorePropertiesFile.exists()) { keystoreProperties.load(new FileInputStream(keystorePropertiesFile)) } android { signingConfigs { release { keyAlias keystoreProperties['keyAlias'] keyPassword keystoreProperties['keyPassword'] storeFile file(keystoreProperties['storeFile']) storePassword keystoreProperties['storePassword'] } } buildTypes { release { signingConfig signingConfigs.release } } }

---

Best Practices

• Always backup your keystore (.jks) in multiple secure locations.
• Store passwords in a password manager (not in code).
• Only share the .pem certificate with Google—not the .jks.
• Document this process in your team wiki.

---

Quick Recap

1. Generate new keystore (.jks)
2. Export .pem certificate
3. Go to Play Console → App integrity
4. Click Request upload key reset
5. Upload .pem and submit
6. Wait for Google confirmation
7. Update Gradle/Flutter config to use new keystore

---