Difference between keystore and key (upload key)?

Question

Android's new App Bundle (instead of APK) involves Generating an upload key and keystore.

When I exported my app bundle I ended up with these 2 files in the same directory.

They were titled: myappname and private_key.pepk. They both can be opened in a simple textedit application.

When I updated my app for the first time on the Google Play Store, I had to sign it with myappname - and it worked. However private_key.pepk was not used at all.

What is the difference between the 2 and what is their purpose?

Answer 1

private_key.pek is the encrypted private key required to enroll existing apps to App Signing by Play. It is only used when you have already published an app to the Play Store and need to transfer your private key to Google so they can sign the APKs with the same key as your previous versions.

For new apps, Google can generate the key themselves (since there are no previous versions) so you don't need to transfer anything.

You can thus delete this file, you won't need it.

You can find more information on the enrollment process at https://support.google.com/googleplay/android-developer/answer/7384423?hl=en-GB