[Android] Sign APK Step Error: unsupported protocol scheme "". Fail using existing release .keystore file

Looking for help to use Bitrise to build signed installable builds.

I’ve read through all the docs and followed those along (Upload and download keystore file).

I failed to get the updated special configs as explained here working, but I think using the sign-apk step feels more elegant anyway. I feel like getting very close. But now it is complaining about my file not being valid.

Here is where I am:

I created a special “ci” Android buildType in gradle that doesn’t include any signingConfig:

android {
    buildTypes {
        // Mimic release settings. TODO: Enable minifyEnabled to run proguard once ci is setup
        ci {
            zipAlignEnabled true
            minifyEnabled false
            // No signingConfig. Let ci do sign step

This is the error output on running, all steps before are ok:

 - ApkPath: /bitrise/deploy/app-mock-ci-unsigned.apk
 - KeystoreURL: ***
 - KeystorePassword: ***
 - KeystoreAlias: ***
 - PrivateKeyPassword: ***
 - JarsignerOptions: 
Download keystore
Failed to download keystore, error: [Get /root/keystores/pvlse_release.keystore: unsupported protocol scheme ""]
|                                                                              |
| x | sign-apk@1.2.2 (exit code: 1)                                 | 2.55 sec |

I’ve uploaded the keystore file to the Android keystore file section in the Code Signing tab. I had this release key for years and it doesn’t have a “jks” ending as in the docs, but a “.keystore” one. When reading the properties with the keytool command I do get that it is a jks keystore:

Keystore type: JKS

I so far could not find an answer how or if I need to convert the .keystore file to a .jks one. Maybe that would be a solution if such a conversion is possible?

Here is my bitrise workflow config showing the steps I’ve set up to run unit tests & build release using assembleCi:

    - activate-ssh-key@4.0.2:
        run_if: '{{getenv "SSH_RSA_PRIVATE_KEY" | ne ""}}'
    - git-clone@4.0.11: {}
    - cache-pull@2.0.1: {}
    - install-missing-android-tools@2.2.0: {}
    - gradle-unit-test@1.0.5:
        - unit_test_task: testCiUnitTest
    - file-downloader@1.0.1:
        - destination: '"$HOME/keystores/project_release.keystore"'
    - gradle-runner@1.8.3:
        - gradle_file: "$GRADLE_BUILD_FILE_PATH"
        - gradle_task: assembleCi
        - gradlew_path: "$GRADLEW_PATH"
    - sign-apk@1.2.2:
        - keystore_url: "$HOME/keystores/project_release.keystore"
    - deploy-to-bitrise-io@1.3.12:
        - notify_user_groups: none
    - cache-push@2.0.5: {}

Any input and help welcome. Thanks very much in advance!

Searching through the forum history, I found this old question by @danielwilson1702
1 that sounds similar and didn’t end in a confirmed solution? But maybe it really was different.

You need to pass a URL, not a path.
So you should use input like this:
keystore_url: "file://$HOME/keystores/project_release.keystore"

See also example in the docs:

1 Like

@koral Thanks for your help! I got it to work. I missed that among all the documentation places.
I think it only works without the ", I first included it as you wrote it, but that lead to the following error:

Failed to download keystore, error: [parse “file:///root/keystores/pvlse_release.keystore”: first path segment in URL cannot contain colon]

Would be great to have an example sign-step config added to https://devcenter.bitrise.io/code-signing/android-code-signing/android-code-signing-using-bitrise-sign-apk-step/

Using the name from the already available snippet:

- file-downloader:
   - destination: "$HOME/keystores/my_keystore.jks"

The additional info would just need to be:

- sign-apk:
   - keystore_url: file://$HOME/keystores/my_keystore.jks

Thanks for helping out @koral! :wink:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.