Google Play is a must if your Android app is not only operating in China, but also wants to go global, such as serving the American people. So let me record here

Necessary preparation

  • A Gmail account, Google Play Console logins only accept Google accounts
  • A credit card (Visa /mastercard) that supports foreign payments. $25 to register
  • Document Understanding -Android APP bundle
  • Document Understanding -APP Signing
  • Software copyright (not required)

Account registration

This process requires you to bring your own ladder, register your address, and follow the instructions

App Bundle

The Android ecosystem has been fragmented for 10 years, with apps getting bigger and bigger. Google finally decided to change things up, and in mid-2018 introduced a new file format called Android App Bundle. It is expected to achieve three purposes: 1. Dynamic distribution. The server dynamically delivers APK of corresponding resources according to the user model, reducing the application package volume (N years behind iOS); 2. Dynamic function modules, such as payment and playback, can be dynamically loaded at the time of use; 3, application security, integrated App signing, ensure the validity of App installation and upgrade. It’s also easier to use

  • For Android Studio 3.2+, bundletool is available on the command line
  • Added Dynamic Delivery support
  • Open an Android APP bundle file using AS. Go to the AS toolbar and select Build. Select Build Bundles and the file format is.aab
  • Test the AAB bundle file
  • Upload your signature to Google Play

A 20M test APK, delivered to the user’s phone via Google Play using app Bundle, is only about 6m, which is delightfully pleasing.

App signing

As opposed to APK, App Bundle’s AAB is a new upload file format that must be used with App Signing. Google Play manages and protects your app signature key and uses it to sign apK for dynamic distribution.

How does it work?

Application keys are stored in Google’s undifferentiated infrastructure services and provide security and reliability. The aAB file is generated using the key signature, and the AAB upload to Google Play verifies that the public certificate is from a trusted source (the same).

Upload the key?

This is optional, which is to generate an additional Java keystore, which is used to distinguish the keystore of the application packaging signature. It only does validation when uploading AAB files. The Upload key will be the keystore for the first upload if the App Signing has chosen Google to automatically generate the private key.

Does the ancestral signature key work?

Yes, select the private keystore from the previous generation when the App Signing service is started, and create a keystore to use as the Upload key.

Various key related concepts

Term Description
App signing Google Play uses this key to sign the APK that is distributed to users. Google will create one for you when using the App Sign service, or upload an existing one. An application can only be signed once.
Upload key To ensure the validity and security of files uploaded by AAB, it is strongly recommended to create a new one. Do not use the same one as the sign key.
Certificate (.der or .pem) A certificate contains the public key and additional identifying information about who owns the key
Certificate fingerprint Short representation of a certificate, usually MD5, SHA-1, sha-265
Java keystore (.jks or .keystore) A file that stores the security certificate and private key
Play Encrypt Private Key (PEPK) tool A tool that exports private keys from Java keystores and encrypts them for transfer to Google Play.

@ Zi Luyu, this article from blog, welcome to reprint, reprint please reserve source.

reference

Developer.android.com/guide/app-b…

Support.google.com/googleplay/…

Support.google.com/googleplay/…

Medium.com/googleplayd…