Difference between upload key and app signing key in Android!

Hi all 

As an android developer publishing to Google Play Store is just another hiccups to solve. I’m sure we all have dealt with many error messages and did some trial and error method to resolve it. Today I going share about the difference between App signing key and Upload key which is often assumed to be the same. 

 Let’s talk about Upload key first! 

One can use Android Studio to either manually generate signed APK or configure the build process to automatically sign the apk. With upload key you choose to manage and secure your own app signing key and keystore, used to sign your APKs. 

 To generate the upload key, 

  1. In the menu bar, click Build > Generate Signed APK. 
  2. Select a module from the drop down, and click Next. 
  3. Click Create new to create a new key and keystore. 
  4. On the New Key Store window, provide the following information for your keystore and key, as shown in figure 


5.Once you complete the form, click OK.  On the next window, select a destination for the signed APK(s), select the build type, (if applicable) choose the product flavor(s), and click Finish. 

When the process completes, you will find your signed APK in the destination folder you selected above, that can be used to distribute your app in the Google Play Store.  

An APK signed with your private key is ready for distribution.  

For apps using APKs, when you upload an APK, app signing by Google Play is an optional program. If you prefer, you can continue managing your own keys.  You will use this upload key to sign all future APKs prior to uploading them to the Play Console. 

* If you’re not enrolled in app signing by Google Play and lose your keystore, you’ll need to publish a new app with a new package name. 

App release: 

  1. Go to your Play Console.
  2. Follow the required steps to upload new app. 
  3. Select Release management > App releases. 
  4. Next to “App signing by Google Play,” no action required. 
  5. Now you can upload the APK signed using the release key SHA1 fingerprint. 

Since you have signed your APK using the upload key (release key), you need to register your upload key with any service or API that uses your app’s signature for authentication (like the Google Maps API or Facebook SDK). If you’re using any Google API, you may want to register the upload certificate in the Google Cloud Console for your app. 


Now about App signing key: 

When you upload an APK, app signing by Google Play is an optional program. If you prefer, you can continue managing your own keys. Lets talks more in the next sessions! Happy debugging!








Leave a Reply

Your email address will not be published. Required fields are marked *