anyone know how to sign .aab file using new keystore from command line? The documentation here mentions that we can use jarsigner to sign our app bundle from the command line. but I cannot find the command line? Anyone know the command line?

I got this error when uploaded my bundle to Google Play:

You uploaded an APK with an invalid signature (learn more about signing). Error from apksigner:

I try to sign the app bundle using this command:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore xample.jks bundle.aab keystoreAlias

Thank you very much.

Probably you've already found a way to solve your problem. Nevertheless, since it may help someone in the future, I just wanted to say that I had the same problem and changing the hashing algorithm to SHA-256 helped me to overcome it.

jarsigner -verbose -sigalg SHA256withRSA -digestalg SHA-256 -keystore xample.jks bundle.aab keystoreAlias

I had the same error for another situation (or maybe the same).

I was trying to re-package *.aab bundle with some changes. At first, I used a zip or jar to create an unsigned archive. After that, I signed it using jarsigner tool. I found that *.aab is not an ordinary zip using bundletool

> java -jar bundletool.jar validate --bundle application.aab

[BT:0.12.0] Error: The App Bundle zip file contains directory zip entry 'base/' which is not allowed.
com.android.tools.build.bundletool.model.exceptions.BundleFileTypesException$DirectoryInBundleException: The App Bundle zip file contains directory zip entry 'base/' which is not allowed.
        at com.android.tools.build.bundletool.validation.BundleZipValidator.validateBundleZipEntry(BundleZipValidator.java:29)
        at com.android.tools.build.bundletool.validation.ValidatorRunner.lambda$validateBundleZipFile$1(ValidatorRunner.java:47)
        at com.google.common.collect.ImmutableList.forEach(ImmutableList.java:406)
        at com.android.tools.build.bundletool.validation.ValidatorRunner.validateBundleZipFile(ValidatorRunner.java:46)
        at com.android.tools.build.bundletool.validation.AppBundleValidator.validateFile(AppBundleValidator.java:92)
        at com.android.tools.build.bundletool.commands.ValidateBundleCommand.execute(ValidateBundleCommand.java:78)
        at com.android.tools.build.bundletool.BundleToolMain.main(BundleToolMain.java:92)
        at com.android.tools.build.bundletool.BundleToolMain.main(BundleToolMain.java:46)

So I used that utility to create *.aab, after that signed it using jarsigner. You need to zip the contents of base/* subfolder into a separated archive.

> java -jar bundletool.jar build-bundle --modules base.zip --output application.aab

> jarsigner -keystore $KEYSTORE -storetype $STORETYPE -storepass $STOREPASS -digestalg SHA1 -sigalg SHA256withRSA application.zip $KEYALIAS

> java -jar bundletool.jar validate --bundle application.aab

App Bundle information
------------
Feature modules:
    Feature module: base
            File: assets/META-INF/AIR/application.xml
            ...