Google signature file upload jks generated zip restricted processing
Since 2023-06-21, when Google uploaded a new app, I received a prompt when uploading the signature file zip.
"The encryption key used has expired. Use a newly generated encryption key."
The final solution is as follows:
1. Determine the zip generation method
Because the project is self-managed and signed using jks, the fourth method is chosen.
“Export and upload a key(not using Java keystore)”
2. Follow the instructions to generate zip
2.1 Download the newly provided pepk.jar file
2.2 Download the public key encryption_public_key.pem file
Note that encryption_public_key.pem of each package needs to be downloaded separately, and this file is different for each package. cannot be shared
2.3 Generate
cd to the directory where jks and the newly downloaded pepk.ja and other files are stored, and execute the script
java -jar pepk.jar --keystore=./test.jks --alias=testname --output=./test.zip --include-cert --rsa-aes-encryption --encryption-key-path=./encryption_public_key.pem
Note that you must download the public key gem file from the link of the fourth method (Export and upload a key (not using Java keystore)) of the current application.
The instructions generated by the third and fourth types are the same, but the encryption_public_key.pem file is different.
3.Upload zip
When uploading, be sure to delete the old one and upload the zip in the fourth type (Export and upload a key (not using Java keystore))
4. Possible problems:
When executing the above script to generate a zip, an error may be reported.
Error: Unable to export or encrypt the private key
java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/NONE/OAEPWithSHA1AndMGF1Padding
This is caused by the current Java environment.
Just use the Java downloaded from Android studio.
Find the corresponding Java path and set the Java version in the device environment variable to this version.