Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Creating A Release AAB

In this gist I will explain what are all the steps that I followed in order to generate a signed version of my .aab.

Note: This signing process only works on Ubuntu and only works in a single terminal. YOU MUST COMPLETE ALL THE STEPS IN A SINGLE TERMINAL.DO NOT CLOSE THE TERMINAL IN ANY STEPS IN BETWEEN.

  1. Open any directory in your terminal(I prefer the documents directory).
  2. Now type mkdir -p ~/keystores/. This will create a folder in your home directory witht the name keystore. Keep this folder safe as you need it to update your app later down the line
  3. Now run this command keytool -genkey -v -keystore ~/keystores/<your-new-key>.keystore -alias <your-key-alias> -keyalg RSA -keysize 2048 -validity 10000. Here replace <your-new-key> with the name of your keystore. Replace <your-key-alias> with the name of your key(typically your app name) Set the validity to whatever you want. It represents the number of days your key will be valid. I would recommend setting it to the number of days in 10 years. So for example a command would be keytool -genkey -v -keystore ~/keystores/mykeystore.keystore -alias picdf -keyalg RSA -keysize 2048 -validity 3650


  1. You will then be asked a series of questions such as your name and company etc. Type whatever you want in these fields as they only are important for major companies and doesn't really affect the key. At the end you will be asked for a keystore password and for a key password. Type both of these password the same(or else the next step fails) and keep the password safe.
  2. Now we need to migrate the key to a PKCS12 based key. Execute this command keytool -importkeystore -srckeystore ~/keystores/<your-new-key>.keystore -destkeystore ~/keystores/<your-new-key>.keystore -deststoretype pkcs12 replace your-new-key with the name of the key that you entered in step 3. You will also be asked for your password again. So if I continue my example, my command would look like keytool -importkeystore -srckeystore ~/keystores/mykeystore.keystore -destkeystore ~/keystores/mykeystore.keystore -deststoretype pkcs12
  3. After running the above command if you check your keystore folder you will notice that there is a mykeystore.keystore and a mykeystore.keystore.old. This means that the command worked properly.

7.Now run these commands

export P4A_RELEASE_KEYSTORE=~/keystores/<your-new-key>.keystore
export P4A_RELEASE_KEYSTORE_PASSWD="<your-keystore-password>"
export P4A_RELEASE_KEYALIAS_PASSWD="<your-key-alias-password>"
export P4A_RELEASE_KEYALIAS="<your-key-alias>"

fill in the respective fields properly with your names as needed. For line 2-4 all the values have to be typed in double quotes. Do not type the first value in double quotes. Follow below example carefully.

export P4A_RELEASE_KEYSTORE=~/keystores/mykeystore.keystore
export P4A_RELEASE_KEYALIAS="picdf"

Note: Follow how I have placed the double quotes carefully

  1. Now without closing that terminal, navigate to your working directory(i.e. the directory where you compile with buildozer) and run buildozer -v android release. Make sure u configured the spec file so that releases are made in the .aab format. I would also suggest to rebuild the dependencies before your final compile cause u may never know if some files are missing.
Copy link

Guhan-SenSam commented Feb 12, 2022

Yup did the changes. Thanks for pointing that out

Copy link

HeRo002 commented Apr 14, 2022

When you create a release version of your app - an .aab-file - using 'buildozer android release' you have to opt in to Google Play app signing in the Google Play Console before you can upload the .aab-file.

Choose the option "Use existing app signing key from Java keystore".

Here is my way "translation" of the command mentioned in the procedure:

$ java -jar pepk.jar --keystore=<path+filename of your key file> --alias= --output=<path+filename of new key file> --encryptionkey=[deleted]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment