Why does Android need a keystore?

All APKs/AABs must be signed. Debug uses a default keystore (shared across devs); release needs a stable keystore you control — updating an app requires the same signing key.

How do I generate one?

keytool -genkey -v -keystore release.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias mygame. Stores certificate in release.keystore; remember the alias and passwords.

Where to set in Godot?

Export preset → Keystore tab → fill Debug Keystore, Debug User, Debug Password, Release Keystore, Release User, Release Password. Or set globally in Editor Settings → Export → Android.

Fix: Godot Android Export Missing Keystore Alias

Quick answer: Generate a keystore with keytool -genkey. Set keystore paths + alias + passwords in the Android Export preset, or globally in Editor Settings → Export → Android.

An indie team exports for Android and hits “Keystore not configured” or “Alias not found”. Setup needs keytool from the JDK, then mapping into Godot’s export config.

Generate Release Keystore

keytool -genkey -v -keystore release.keystore \
        -keyalg RSA -keysize 2048 -validity 10000 \
        -alias mygame

Asks for password, name, organization. Output: release.keystore file. Back it up — losing this means you can never update the app under the same package on Play Store.

Generate Debug Keystore (Optional)

keytool -keyalg RSA -genkeypair -alias androiddebugkey \
        -keypass android -keystore debug.keystore \
        -storepass android -dname "CN=Android Debug,O=Android,C=US" \
        -validity 9999

Debug keystore is interchangeable across machines; only release needs custody.

Configure Godot Export

Project → Export → Android preset:

Debug Keystore: path to debug.keystore
Debug User: androiddebugkey
Debug Password: android
Release Keystore: path to release.keystore
Release User: mygame (your alias)
Release Password: (the password you set)

Or Global Settings

Editor Settings → Export → Android: set defaults that apply to all projects. Useful if the same dev machine builds many games.

CI/CD Caveat

For headless CI export, set environment variables that match the export preset’s field paths, or check in a sanitized export_presets.cfg (do not commit the keystore file itself):

godot --headless --export-release "Android" game.aab

Keystore paths in the preset must be absolute or relative to the project. Resolve before invoking.

Verifying

Export AAB. APK installs on test device. For Play Store: upload to internal test, install via Play store, confirm signed by the same key on each update.

“Keystore loss is unrecoverable. Generate once, back up to 2–3 locations, never commit to repo.”

For Play Store, enable Play App Signing — Google holds the upload key, you keep a different signing key. Lost upload key = recoverable. Without App Signing, lost key = ship from a new package.