[7/19/21] Updated to use Scriptoria to export the encrypted key that is uploaded to Google play.
In August 2021, Google Paly will require that all NEW apps are published as Android App Bundles (AAB) instead of an APK. For existing app, they can continue to be published as an APK. However, you may choose to switch to AAB. You may choose to do this if you are using features in SAB that makes your app larger. For example, if you enable verse on image to share videos which combine the image and audio or enabling the user to share audio clips or videos from selected verses, SAB then include a media processing library (FFmpeg) which will increase the app size by between 13 and 52 MB.
There is some extra work that needs to be done in Google Play Developer Console before you publish the next version of the app. It is documented in Play Console Help. If you are using Scriptoria, these are the steps that you should take.
- Add BUILD_ANDROID_AAB=1 and BUILD_EXPORT_ENCRYPTED_KEY=1 to the Publish Properties in SAB. For 8.6.6, you will need to type in (or copy/paste) the property names. In the next release, they will be available from the dropdown of known property names.
- Upload the project to Scriptoria.
- In a browser window, open Scriptoria and navigate to the project. Using the shish-kebob menu next to the “Android App to Google Play” product, select Rebuild. During the build, Scriptoria will export an encrypted copy of the private key used to sign the Android app.
When you published your app, you opted out of Play App Signing during the process of publishing the first APK. Now we have to enroll. WARNING: Once you opt in, you can’t opt out again.
- In another tab or browser window, open Play Console.
- Select an app.
- On the left menu, go to Release > Setup > App integrity.
- If you haven’t already, review the Terms of Service and select Accept.
- In the Opt in to Play App Signing section, select Export and upload a key (not using Java Keystore). Scriptoria will export the private key in the format needed by Google Play that is safe to transmit over the internet and can only be decrypted by Google.
- Go back to the browser tab or window opened to Scriptoria. When the “Android App To Google Play” product is at the “Verify and Publish” step, click on the Continue link.
- In the list of product files, click on the “encrypted_key” entry which will download private_key.pepk
- Go back to the brower tab or window opened to Play Console.
- Click on the Upload private key link and select the file that was download from Scriptoria.
- Click on Save at the bottom right of the page.
Play App Signing is now Enabled. You can continue with the “Verify and Publish” step in Scriptoria. In the list of product files, there will be an “aab” and “apk” entry. You can download the APK to do testing. Scriptoria will use the AAB when publishing.
When the publishing of the app as an AAB has completed, please remove the BUILD_EXPORT_ENCRYPTED_KEY from the publishing properties. It was needed just for this transitional prcess.
If You have any questions, reply to this thread and we can help anyone who may have a similar question.