Tutorial for signing an AAB file

Hello everyone!
I have prepared a guide for signing AAB files
I also posted it in the Kodular community but thought it would be helpful if I posted it here as well:)

  • Step 1: Sign in to the Google play console and create a new version of your application.

  • Step 2: We now need to sign up for the Play app signing program, so click on opt-in.

  • Step 3: Now select the second option (Export and upload a key from Java keystore) and download the PEPK tool.

  • Step 4: Download the Keystore of your application from App Inventor:

  • Step 5: Copy the following code and paste it into the text editor:

java -jar Path to pepk.jar --keystore=Path to keystore --alias=Enter the alias here, usually applications built in App Inventor should have the alias: androidkey --output=The path to export the private key file (what needs to be uploaded to Play App Signing) It should be a zip file! --encryptionkey=Enter the sequel here (this is already entered in what you copied from the Play App Signing)

  • Step 6: Now replace the bold text with the one for you. In the line: Enter the sequel here (this is already entered in what you copied from the Play App Signing) Replace with the code you will see in the Play App Signing:

  • Step 7: Once you have filled in all the details copy all and paste in terminal, then press enter, now you will be asked to enter the password for store, for applications built in App Inventor the password should be android
    You will then be asked to enter the password for the key- this too should be android (in applications built in App Inventor)
  • Step 8: If you did everything right then you will see a new zip file in the path where you instructed to export the file.
    Upload this file to the Play app signing.
  • Step 9: Now export your application (from App Inventor) as an aab file and you can upload it in the new version
    And that’s it! You can now upload aab files!

See also


Hmm.. Do we want to do this :thinking:. I think I haven't done this when I first uploaded my app (APK format) using MIT App Inventor.

1 Like

Well, new apps must use AAB and soon we will have to use AAB for existing apps as well


No, as I said in the guide:

1 Like

Do we want to do what?

1 Like

My mistake.

I was probably confused because of the API 30 targeting for existing apps


However I believe Google will require this in the future

1 Like

I don't think so, because Google has had enough time to think about it and set its guidelines.


We've discussed this internally as well, and we think that part of the reason that existing apps won't be required to move to using AABs is that the signing keys needed for PAS may have been generated by hardware security modules and therefore cannot be extracted. Therefore, apps published in this way must continue to proceed as is because there is no physical way to turn over the signing key to Google (needed because Android won't accept updated APKs if the signatures don't match). This is just speculation though.


That doesn't convince me, because it is optional whether I stay with APKs or switch to AABs.

Sure. I wasn't implying you couldn't switch as a personal choice, only that circumstances exist by which I don't think Google could force the switch.

1 Like