android xamarin certificate keystore

APK has been signed with a certificate that expires too soon, how to update keystore validity for existing android Xamarin app?


When attempting to upload an APK to Google Play through the Visual Studio Archive/distribute process, it fails because the certificate has expired. I verified this using keytool -list and verified it is indeed expired. How do I update the certificate validity on my existing keystore? I tried importing my existing keystore in the archive process in VS, where it complains about expiring too soon and does not upload. I tried to create a new keystore and upload to my existing app, but I get a message:

"Your uploaded an APK that is signed with a different certificate to your previous APKs. You must use the same certificate. Your existing APKs are signed with the certificate(s) with fingerprint(s):..."

I am assuming I need to update the validity using the keytool.exe somehow on my keystore itself. I tried this statement from the command line hoping it would update, but it complains that my alias already exists:

keytool.exe -genkey -v -keystore myapp.keystore -alias myoriginalalias -keyalg RSA -keysize 2048 -validity 20000

I tried it with new alias name, it asks for a password for , that I never set up, or return if same as keystore password, and I hit enter. Then I get a keytool error: java.io.FileNotFoundException: myapp.keystore (Access is denied).

Do I need to create an alias beforehand with a password? If so, how? It's been a while since I have done this manually. Or is there another tool I should be using or another option on keytool? I do not see any options for updating validity. I feel like I am getting close here and am coming up empty on my searching. Any pointers here would be appreciated. Thanks in advance.

Basically, what is the process for updating a keystore validity for an existing app in the Google Play store? Is it possible?


Solution

  • If you plan to support upgrades for an app, ensure that your app signing key has a validity period that exceeds the expected lifespan of that app. A validity period of 25 years or more is recommended. When your key's validity period expires, users will no longer be able to seamlessly upgrade to new versions of your app.

    The only thing you can do once the cert expires is to republish the app with a new App Id and new certificate.

    You should sign all of your APKs with the same certificate throughout the expected lifespan of your apps. There are several reasons why you should do so:

    App upgrade: When the system is installing an update to an app, it compares the certificate(s) in the new version with those in the existing version. The system allows the update if the certificates match. If you sign the new version with a different certificate, you must assign a different package name to the app—in this case, the user installs the new version as a completely new app.

    Re: https://developer.android.com/studio/publish/app-signing.html#considerations
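
As an added example (not part of the original question or answer), this pre-upload check tests the two conditions the answer describes: the signing certificate must match the one on the published APKs, and it must outlive the app. It parses English-locale `keytool -list -v` output; the sample output, both fingerprints, the alias `newalias` and all function names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed fingerprints and constructed `keytool -list -v` output.
FP_OLD = ":".join(f"{i:02X}" for i in range(32))
FP_NEW = ":".join(f"{i:02X}" for i in range(32, 64))
SAMPLE = f"""Alias name: myoriginalalias
Entry type: PrivateKeyEntry
Valid from: Tue Jan 05 10:00:00 UTC 2016 until: Thu Jan 05 10:00:00 UTC 2017
Certificate fingerprints:
\t SHA256: {FP_OLD}

Alias name: newalias
Entry type: PrivateKeyEntry
Valid from: Mon Jan 01 10:00:00 UTC 2024 until: Tue Oct 04 10:00:00 UTC 2078
Certificate fingerprints:
\t SHA256: {FP_NEW}
"""
EXPIRED = "certificate has expired"
TOO_SHORT = "certificate expires before the planned app lifespan"
MISMATCH = "fingerprint differs from published APKs; upload as an update will be rejected"

def _parse_date(text):
    # keytool prints e.g. "Tue Jan 05 10:00:00 UTC 2016"; drop weekday and zone name.
    _, mon, day, clock, _, year = text.split()
    return datetime.strptime(f"{mon} {day} {clock} {year}", "%b %d %H:%M:%S %Y")

def parse_entries(output):
    """Return one dict per keystore entry: alias, not_after, sha256."""
    entries = []
    for block in re.split(r"(?m)^(?=Alias name: )", output):
        alias = re.search(r"^Alias name: (.+)$", block, re.M)
        valid = re.search(r"^Valid from: (.+?) until: (.+)$", block, re.M)
        sha256 = re.search(r"SHA-?256: ([0-9A-F:]+)", block)
        if alias and valid and sha256:
            entries.append({"alias": alias.group(1).strip(),
                            "not_after": _parse_date(valid.group(2).strip()),
                            "sha256": sha256.group(1)})
    return entries

def check(entry, now, years_needed, published_sha256):
    """List the reasons this entry cannot sign an update to the published app."""
    problems = []
    if entry["sha256"] != published_sha256.upper():
        problems.append(MISMATCH)
    if entry["not_after"] <= now:
        problems.append(EXPIRED)
    elif entry["not_after"] < now + timedelta(days=365 * years_needed):
        problems.append(TOO_SHORT)
    return problems

if __name__ == "__main__":
    for e in parse_entries(SAMPLE):
        print(e["alias"], check(e, datetime(2024, 6, 1), 25, FP_OLD) or "ok")
```

In the sample, the original alias matches the published fingerprint but has expired, while the new alias is valid for decades but carries a different fingerprint, which is the situation the question describes.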