Android Question Google Play Upload: The private key was not properly encrypted or is not a type of key we support.

b4x-de

Active Member
Licensed User
Longtime User
Hi,

I created a new App release on Google Play Console and followed all the instructions to create the output.zip from my b4a keystore file using the pepk.jar provided by Google.

When I upload the output.zip containing the encrypted private key and the certificate I receive an error message on the Google Play Console:

"The private key was not properly encrypted or is not a type of key we support."

To check if there is anything wrong with my keystore or my key I created a new sign key by using tools > private key in B4a. But even with a newly created key I receive this error message.

Is there something wrong with the key format created by B4A? I'm using B4A 9.50 with Java 8.

UPDATE#1: When I use the Java keytool to create a keystore and use the pepk tool the upload works fine and the key is accepted by Google Play Console.
keytool -genkey -v -keystore test.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias b4a

UPDATE#2: My key is very old. I’m using a 1024-bit DSA key with a SHA1withDSA signing algorithm. It seems B4A (at least in my version 9.50) creates currently a 1024-bit DSA key and uses a SHA256withDSA signing algorithm. But Google requires a 2048-bit RSA key with SHA256withRSA signing.

Is there a way to upgrade or replace an existing key with a cryptographic stronger key?

Thanks,
Thomas
 
Last edited:

b4x-de

Active Member
Licensed User
Longtime User
The key I tried to provide was not accepted by Google Play anymore. But I was lucky because I found an old app I had already uploaded to Google Play that uses the same key. In Google Play I could choose an alternative option to copy the key from an existing app. This was what I did to solve my particular case. I’m not sure whether it helps you.

I had already a large number of installations that were made outside the Google Play Store. Therefore I wanted to use this signing key in Google Play that was already in use with these installations.

The lesson I learned from this is: Immediately register a new app and upload the signing key even if you are not deploying it on Google Play in the near future. As soon as you start deploying an app to beta testers the key should be uploaded to Google Play Store to make sure you can continue to deploy with or without Google Play using the same key.

Thomas
 
Upvote 0
Top