Follow these steps to migrate an existing published app from manual signing to Google Play App Signing.
✅ 1. Back Up Your Current Key
Securely store your existing signing credentials:
-
Keystore file:
key.jks
- Keystore password
- Key alias
- Key password
⚠️ Important: Keep a safe backup of these credentials. You’ll need them during the migration.
✅ 2. Export Your App Signing Key (PEPK)
Google requires an encrypted export of your current signing key.
- In Play Console, go to: Setup → App integrity → App signing.
-
Under “Export and upload your app signing key”, download:
pepk.jar
- The encryption key (displayed in the instructions).
Run the following command in your terminal (replace placeholders):
java -jar pepk.jar --keystore=key.jks --alias=<your-alias> \
--output=output.zip --encryption-key=<Google-encryption-key>
This generates output.zip containing your encrypted signing key.
✅ 3. Upload the Key to Google Play
- Open Play Console and navigate to: Setup → App integrity → App signing
- Click Opt in to Play App Signing.
- Upload the
output.zip
file generated in the previous step.
✅ 4. Wait for Google to Process
- Google will verify the uploaded key.
- Once approved, Google Play App Signing becomes active.
- From now on, Google securely manages your app signing key.
✅ Note: Your existing keystore (
key.jks
) will now act as your Upload Key.
You can continue using it or optionally register a new upload key.
✨ (Optional) Generate a New Upload Key
For additional security, you can generate a new upload key:
keytool -genkey -v -keystore upload-key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias upload
- Export the public certificate (.pem) from this new keystore.
- Upload the certificate in Play Console as your new upload key.
📌 Summary
✔️ Backup your keystore (key.jks
, alias, and passwords).
✔️ Export your signing key using pepk.jar
from the Play Console.
✔️ Upload the encrypted key (output.zip
) in Play Console → App Signing.
✔️ (Optional) Generate and register a new upload key for added security.
✅ Your app is now successfully migrated and managed by Google Play App Signing 🚀
Top comments (0)