Recover Your Lost Android Keystore File

Raviraj Desai
3 min readAug 6, 2022

1. Create a new ‘keystore.jks’ file

If you don’t already have an upload key, which is useful when configuring Play App Signing, you can generate one using Android Studio as follows:

  1. In the menu bar, click Build > Generate Signed Bundle/APK.
  2. In the Generate Signed Bundle or APK dialog, select Android App Bundle or APK and click Next.
  3. Below the field for Key store path, click Create new.
  4. On the New Key Store window, provide the following information for your keystore and key, as shown in figure 2.
  1. Figure 2. Create a new upload key and keystore in Android Studio.
  2. Key store path: Select the location where your keystore should be created. Also, a file name should be added to the end of the location path with the .jks extension.
  • Password: Create and confirm a secure password for your keystore.
  • Key
  • Alias: Enter an identifying name for your key.
  • Password: Create and confirm a secure password for your key. This should be the same as your keystore password. (Please refer to the known issue for more information)
  • Validity (years): Set the length of time in years that your key will be valid. Your key should be valid for at least 25 years, so you can sign app updates with the same key through the lifespan of your app.
  • Certificate: Enter some information about yourself for your certificate. This information is not displayed in your app, but is included in your certificate as part of the APK.
  1. Once you complete the form, click OK.
  2. If you would like to build and sign your app with your upload key, continue to the section about how to Sign your app with your upload key. If you only want to generate the key and keystore, click Cancel.

2. Export certificate for that new Keystore file to PEM format

Once you have a Keystore file, generate a certificate in PEM format which will be used for resetting the upload key by Google. The new upload key will be used to sign APKs that you upload to Google Play. You can export certificate using:

keytool -export -rfc -alias prod -file certificate.pem -keystore keystore.jks

Submit a request to Google for updating the upload key

Now, you need to send the generated certificate to google using this form:

They will reset your upload key in 12–48h and you will be able to update your application with the new keystore file.



Raviraj Desai

Assistant Vice President at Axis Bank (Android — Kotlin lover. Tech stack: MVVM, Dagger2, Coroutines, RxJava2 ,Flutter Enthusiast ,Ejabber