I want to use certificate file in the build server to sign Android aab. So I need to sign Android aab without using keystore or jks file. For this I create a pem and pk8 files with these commands :
openssl genrsa -out key.pem 1024
openssl req -new -key key.pem -out request.pem
openssl x509 -req -days 9999 -in request.pem -signkey key.pem -out certificate.pem
openssl pkcs8 -topk8 -outform DER -in key.pem -inform PEM -out key.pk8 -nocrypt
There are some commands for apk signing like
java -jar SignApk.jar testkey.x509.pem testkey.pk8 my.apk my.s.apk
apksigner sign --key .pk8 --cert .x509.pem file.apk
But I could not find a way for aab file. After that I will upload signed aab file to play store. How can I do that ?
I have found a way. Here are the steps :
Generates a new certificate request with the given information and writes it to request.pem
Uses OpenSSL to create a certificate using the certificate request file (request.pem) and the specified key, then writes the certificate to certificate.pem.
Converts the private key to PKCS#8 format, saving it as key.pk8 without encryption.
Converts the private key from PKCS#8 format (DER) to PEM format, saving it as platform.priv.pem without encryption.
Creates a PKCS#12 file (platform.pk12) containing the certificate and private key, protected with the password "123123" and with the alias "android".
Creates a Java Keystore file (test.jks) in the Android keystore format, importing the certificate and private key from the PKCS#12 file (platform.pk12), using the password "123123", and setting the alias to "android".
Signs the Android App Bundle file (app-release_unsigned.aab) using the specified keystore (test.jks) and the alias "android", applying the given signature and digest algorithms, and saves the signed bundle as signed_app-release.aab.