The only solution here was to start with a fresh key. The previous key had been imported from a PKCS12 format and I think that somehow caused the gradle code to generate a different certificate than jarsigner.
gradle assembleRelease uses wrong key/certificate
-
05-10-2022 - |
Domanda
I have a gradle-based android project and trying to generate a release apk. However, it seems that somehow gradle is picking up the wrong key/cert.
This is what I have in build.gradle:
signingConfigs {
release {
storeFile file("mykey.jks")
storePassword "mypass"
keyAlias "mykey.key"
keyPassword "mypass"
}
}
buildTypes {
release {
debuggable false
jniDebugBuild false
runProguard true
proguardFile getDefaultProguardFile('proguard-android.txt')
signingConfig signingConfigs.release
}
}
And after running
gradlew assembleRelease
and taking out META-INF/CERT.RSA from inside the .apk I run the following:
keytool -list -keystore mykey.jks
and
keytool -printcert -v -file CERT.RSA
but they produce output with different certificate fingerprints. Trying with a certificate from another apk signed with the same key (but not with gradle) yields the correct certificate fingerprint.
Gradle seems to be picking up the keystore fine (changing the password or location or alias makes it stop working).
I'm puzzled since I don't want to release something to the store signed with an unknown key and then not be able to update it. I don't have a debug key explicitly defined in gradle.
UPDATE: This has something to do with the keystore. Trying the same gradle code with a fresh keystore and key works fine. This problematic keystore was imported from a pkcs#12 format (.p12 file). Using Intellij or jarsigner works fine with this keystore though, it's just the gradle code that has a different output - and it seems only the certificate generated from the key is different.
Soluzione 3
Altri suggerimenti
In my case I was not aware I am using debug keystore file for release. In project/android/app/build.gradle
buildTypes {
debug {
signingConfig signingConfigs.debug
}
release {
// Caution! In production, you need to generate your own keystore file.
// see https://facebook.github.io/react-native/docs/signed-apk-android.
signingConfig signingConfigs.debug // <-- need to be changed with
//the line below
//signingConfig signingConfigs.release
minifyEnabled enableProguardInReleaseBuilds
proguardFiles getDefaultProguardFile("proguard-android.txt"), "proguard-rules.pro"
}
}
I faced the same issue while building signed .aab file with gradle. It has to do with gradle caching issue. I just restarted my gradle daemon threads running in my system and clean gradle cache.
./gradlew --stop
./gradlew clean
./gradlew bundleRelease
And it resolved the problem.