Lost Android Keystore? Here’s How to Recover & Continue Publishing Your App
Understanding the Problem
Section titled “Understanding the Problem”When you publish an Android app to the Play Store, it must be signed with a keystore file. This file contains your private key, and without it, you cannot generate valid APK/AAB updates for your existing app.
If your keystore file is deleted or lost, you cannot recreate the exact same file — the cryptographic key is unique. However, if your app is already in the Play Store, Google provides a solution: upload key reset.
What is an Upload Key?
Section titled “What is an Upload Key?”Google Play App Signing (enabled by default for new apps) stores your original app signing key securely on Google’s servers. You use a separate upload key to sign and upload new versions.
If you lose your upload key, Google can replace it with a new one without affecting the original signing key.
Step 1: Request a New Upload Key from Google
Section titled “Step 1: Request a New Upload Key from Google”- Go to the Google Play Console Support page
- Fill in the form with:
- App package name (e.g.,
com.example.android) - Your developer account email
- App package name (e.g.,
- Confirmation that you’ve lost the key
- Google will email you instructions to generate a new upload key and share the public certificate with them.
Step 2: Generate a New Upload Key
Section titled “Step 2: Generate a New Upload Key”You can create a .jks (Java Keystore) file with this command:
keytool -genkeypair -v -storetype JKS -keystore my-upload-key.jks -alias upload -keyalg RSA -keysize 2048 -validity 10000You’ll be prompted for:
- Keystore password
- Key password
- Organization details
- Alias (e.g.,
upload)
Step 3: Export the Public Certificate
Section titled “Step 3: Export the Public Certificate”Once you create the new .jks file, export its public certificate (PEM format) and send it to Google:
keytool -export -rfc -keystore my-upload-key.jks -alias upload -file upload_certificate.pemNote: The .jks file path must match where your new file is stored.
Step 4: Update build.gradle to Use New Keystore
Section titled “Step 4: Update build.gradle to Use New Keystore”In your app/build.gradle:
signingConfigs { release { storeFile file('my-upload-key.jks') storePassword localProps['MYAPP_RELEASE_STORE_PASSWORD'] keyAlias 'upload' keyPassword localProps['MYAPP_RELEASE_KEY_PASSWORD'] }}Make sure local.properties contains the correct values.
.keystore vs .jks — What’s the Difference?
Section titled “.keystore vs .jks — What’s the Difference?”.keystore– Older Java keystore format (still works but less common for new projects)..jks– Java KeyStore format introduced in newer Java versions (recommended now).- Functionally, they store the same thing — the main difference is the store type (
JKSvsPKCS12).
Final Tips
Section titled “Final Tips”- Always
back upyour keystore file in multiple secure locations. - Store passwords in a
password manager— losing them is just as bad as losing the file. - If Google issues a new upload key,
old builds signed with the old key will still work.
In Short: If you lose your Android keystore file but your app is already on the Play Store, you can’t recover the exact file — but you can request a new upload key from Google, create a new .jks file, and keep publishing updates without starting over.