Signing, React Native and the Play Store

To deploy their app to the Play Store, developers have to generate a .keystore file and sign their release with it. The React Native docs do a good job explaining the necessary steps.

To summarize, as of right now (Version 0.70 on macOS) all you have to do is:

  1. Navigate to your JDK folder by following the output of /usr/libexec/java_home
  2. Run the following (with {NAME} and {ALIAS} replaced, e.g. tippinho.keystore)
sudo keytool -genkey -v -keystore {NAME}.keystore -alias {ALIAS} -keyalg RSA -keysize 2048 -validity 10000
  3. Fill out the prompt
  4. Place the generated {NAME}.keystore file in /android/app
  5. Add the following to your ~/.gradle/gradle.properties (with the correct values):
MYAPP_UPLOAD_STORE_FILE={NAME}.keystore
MYAPP_UPLOAD_KEY_ALIAS={ALIAS}
MYAPP_UPLOAD_STORE_PASSWORD=*****
MYAPP_UPLOAD_KEY_PASSWORD=*****

Again, check out the official docs for up-to-date and more detailed instructions.

So you lost your keystore, what now?

No big deal - as long as you let Google Play manage your signing key. Assuming that, the steps are straightforward. The React Native docs point you to this support article which tells you to go here and follow the instructions.

Those instructions being:

  1. Generate a new .jks file
keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
  2. Generate a .pem file from that .jks
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
  3. Send it to Google via the form

I left the actual commands untouched to point out that Google defaults to using upload as the alias (whereas the React Native docs default to my-key-alias). This means the .keystore that you will generate later to sign your app again will need to have that alias, too! So be careful with what you put here. Always have your aliases match. Keep in mind that the gradle.properties in ~/.gradle/ also references that alias!
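A mismatched alias only surfaces when the release build fails to sign, so it is worth checking before you build. The script below is an added example, not part of the original post or the React Native docs: the function names prop and check_signing_props are hypothetical, and the android/app default path and the owner-only permission rule for the password-bearing file are assumptions.

```bash
#!/usr/bin/env bash
# Added example: sanity-check the signing entries in gradle.properties.
# Usage: check_signing_props <gradle.properties> <expected-alias> [app-dir]

# Print the value of key $2 from properties file $1 (last assignment wins).
prop() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

check_signing_props() {
  local file="$1" want="$2" app_dir="${3:-android/app}"  # default path is an assumption
  local rc=0 key got perms store
  [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }

  # All four keys from the post must be present and non-empty.
  for key in MYAPP_UPLOAD_STORE_FILE MYAPP_UPLOAD_KEY_ALIAS \
             MYAPP_UPLOAD_STORE_PASSWORD MYAPP_UPLOAD_KEY_PASSWORD; do
    [ -n "$(prop "$file" "$key")" ] || { echo "missing: $key" >&2; rc=1; }
  done

  # The alias in gradle.properties must match the one the keystore was created with.
  got=$(prop "$file" MYAPP_UPLOAD_KEY_ALIAS)
  if [ -n "$got" ] && [ "$got" != "$want" ]; then
    echo "alias mismatch: file says '$got', expected '$want'" >&2; rc=1
  fi

  # The file stores both passwords in clear text: allow owner access only.
  perms=$(ls -ld "$file" | cut -c5-10)   # group + other permission bits
  [ "$perms" = "------" ] || { echo "$file is too open; chmod 600 it" >&2; rc=1; }

  # If the keystore and keytool are both available, confirm the alias is really in it.
  store="$app_dir/$(prop "$file" MYAPP_UPLOAD_STORE_FILE)"
  if [ -f "$store" ] && command -v keytool >/dev/null 2>&1; then
    KS_PASS=$(prop "$file" MYAPP_UPLOAD_STORE_PASSWORD) \
      keytool -list -keystore "$store" -alias "$want" -storepass:env KS_PASS \
      >/dev/null 2>&1 || { echo "alias '$want' not in $store" >&2; rc=1; }
  fi
  return $rc
}
```

Source the file and run check_signing_props ~/.gradle/gradle.properties upload from the project root; a non-zero exit status means at least one check failed.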

What I also learned

  1. Don't panic! If you have Google Play sign your app you will gain access again (assuming you know your Play login)
  2. In my experience the support takes less than 24h to reset your key
  3. Once reset, the new key will become active after an additional 48h
  4. If you just have the .pem file you can't do anything
  5. If you just have the .keystore file you can't do anything
  6. If you just have the .jks all you need to do is generate a new .keystore with the same alias
  7. The initial .jks file should be generated from the initial keytool -genkey command
  8. You can't generate a .jks from a .keystore, don't bother
  9. I recommend backing up the ~/.gradle/gradle.properties because you will lose it at some point
  10. If you haven't already: Check out Play App Signing