FlutterFlow: android app bundle was signed with the wrong key

Question

The current app is live on the Google Play store and it was developed in React Native by another developer who is no longer with the company.

We decided to build a new app, using FlutterFlow. Flutterflow used codemagic behind the scenes to deploy the build to the Google Play store.

Instead of creating a new app, we simply just want to release a new version, leaving our existing user base and settings from the Play Store.

We are deploying on the internal track and we are creating an internal release and uploading the .abb. however, we are met with the error below

The Android App Bundle was signed with the wrong key. Found: xxxxxx, expected: SHA1: xxxxxx

I am a bit lost in creating new upload keys, because we use FlutterFlow for build/deployment.

What is the best way of fixing this issue to release a new version of our app?

Answer 1

If possible, retrieve the original keystore file used by the previous developer. This is crucial for updating the existing app on Google Play Store.

Then you would be able to update the configuration in FlutterFlow or Codemagic: If FlutterFlow allows you to specify a custom keystore for signing, update the configuration to use the original keystore. The specifics would depend on FlutterFlow's interface or, alternatively, Codemagic if you have direct access to it.

To retrieve the old key, this thread suggests:

You should first have a look and see if you have app signing turned on.

Login to the console, select the app and then "app integrity" from under the setup menu. There you will find a tab "App Signing" if that is enabled that you can follow the instructions from this page to upload a new key: "Use Play App Signing / Create an upload key and update keystores"

---

It is not possible to get the original keystone file.
The concept I am having trouble with is following the docs on generating a new key: Step 1 generating an upload key using Android Studio. How exactly can this be done if we are using Flutterflow for this?

You have the general Android Studio method here and in "Play Console Help / Use Play App Signing".

Regarding FlutterFlow, check if you can follow "FlutterFlow | Build and release an Android app on Google Play Store " from Tarlan Isaev.

build.grudle:

def localProperties = new Properties()
def localPropertiesFile = rootProject.file('local.properties')
if (localPropertiesFile.exists()) {
    localPropertiesFile.withReader('UTF-8') { reader ->
        localProperties.load(reader)
    }
}

def flutterRoot = localProperties.getProperty('flutter.sdk')
if (flutterRoot == null) {
    throw new GradleException("Flutter SDK not found. Define location with flutter.sdk in the local.properties file.")
}

def flutterVersionCode = localProperties.getProperty('flutter.versionCode')
if (flutterVersionCode == null) {
    flutterVersionCode = '1'
}

def flutterVersionName = localProperties.getProperty('flutter.versionName')
if (flutterVersionName == null) {
    flutterVersionName = '1.0'
}

apply plugin: 'com.android.application'
apply plugin: 'kotlin-android'
apply from: "$flutterRoot/packages/flutter_tools/gradle/flutter.gradle"
apply plugin: 'com.google.gms.google-services' // Google Services plugin

def keystoreProperties = new Properties()
def keystorePropertiesFile = rootProject.file('key.properties')
if (keystorePropertiesFile.exists()) {
    keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
}

android {
    compileSdkVersion 30
    ndkVersion '23.1.7779620'
    sourceSets {
        main.java.srcDirs += 'src/main/kotlin'
    }
    lintOptions {
        disable 'InvalidPackage'
    }
    defaultConfig {
        // TODO: Specify your own unique Application ID (https://developer.android.com/studio/build/application-id.html).
        applicationId "com.flutterflow.foodshare"
        minSdkVersion 23
        targetSdkVersion 30
        versionCode flutterVersionCode.toInteger()
        versionName flutterVersionName
        ndk {
            debugSymbolLevel 'FULL'
        }
    }
    signingConfigs {
        release {
            keyAlias keystoreProperties['keyAlias']
            keyPassword keystoreProperties['keyPassword']
            storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
            storePassword keystoreProperties['storePassword']
        }
    }
    buildTypes {
        release {
            // TODO: Add your own signing config for the release build.
            // Signing with the debug keys for now, so 'flutter run --release' works.
            signingConfig signingConfigs.release
        }
    }
}
flutter {
    source '../..'
}
dependencies {
    implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version"
    implementation 'io.card:android-sdk:5.+'
}
// End

key.properties:

storePassword=your_password
keyPassword=your_password
keyAlias=upload
storeFile=/Users/organic/Development/foodshare-flutter/android/app/upload-keystore.jks

Sign, then build with:

/Users/organic/Library/Java/JavaVirtualMachines/openjdk-16.0.1/Contents/Home/bin/keytool -genkey -v -keystore android/app/upload-keystore.jks -keyalg RSA -keysize 2048 -validity 10000 -alias upload -storetype JKS

flutter build appbundle --release --build-name=foodshare-1.0.0 --build-number=2

#  you'll see the complete file "app-release.aab" by path "../your-app/build/app/outputs/bundle/release/app-release.aab". 

Drop your app bundle there to upload and send it for moderation