Android Question Almost Totally Confused about AAB & Signkey


Active Member
Licensed User
Some questions about AAB and SignKey:

1) what's the difference between .KEYSTORE and .JKS? I have "myname.keystore" where and when can I use it in the process of signing (new/old) app?

2) For new apps: what happens when I use option 1 "let google manage and protect your app signing key"? Isn't that the simplest solution for "new" AABs?

3) For existing apps: Do we need to go thru all the hoops of 'pepk' 'keytool -genkey' 'keytool -export' etc...?

4) Do we need a different key for every app?

5) Make A Wish: A .BAT file with detailed explanation of all params and/or IDE options to do what's needed and create the file we need to upload to Google Play


Staff member
Licensed User
Existing apps

1. You will not gain anything from switching to AAB.
2. You can switch by following Google instructions with the pepk tool. It is really not too complicated.

New apps

1. For now you can still ignore AAB.
2. If you do want to use the new AAB then you will need to create a new RSA signing key:
c:\java\jdk-11.0.1\bin\keytool -genkey -v -keystore new-key.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias b4a

3. You will also need to add:
#SignKeyAlgorithm: -digestalg SHA1 -sigalg SHA256withRSA

It will be simpler in the next version of B4A:

1. New keys will be created with the RSA algorithm.
2. The bundle step will auto detect the algorithm.
Upvote 0