Getting App Bundle Error in Google Play Console

Question

I am facing the error while uploading the .aab bundle in the Google play console with the existing Keystore. I am having the White label App and having the Keystore file & password which is common for the 30+ applications. While I try to upload the release .aab bundle with the existing KeyStore and Password it is throwing the below error.

you uploaded an APK or Android App Bundle that is signed with a key that is also used to sign APKs that are delivered to users

Is that possible to use the same Keystore file and password for all the 30+ applications in the Android app bundle concept or do we need to create a separate Keystore and password for all the 30+ applications?

Answer 1

You can use the same upload key for all your applications. You can also use the same signing key for all your applications, although that is discouraged unless there is a technical reason (e.g. sharing code between apps, sharing process between apps, etc.).

Here, the Google Play Console complains that you are using an key both as an upload key and as signing key. The signing key is much more sensitive than the upload key since it can't be rotated as easily.

The difference between upload and signing key is described in more details in this article: https://support.google.com/googleplay/android-developer/answer/9842756

I suspect that you are facing this issue because you had uploaded app #1 with key A without being enrolled in Play Signing, thus making key A the signing key of app #1. Then you created app #2 which you enrolled in Play Signing and uploaded app #2 signed with key A, thus making key A the upload key of app #2. Google realizes that you have used the same key with a signing role for app #1 and for an upload role in app #2 and warns you that it is a dangerous security practice.