Invalid signature error on appstore upload


for a few months we have a problem with uploading our app (shifts) to the appstore.
We’ve updated our app to work again with nextcloud version 25/26. Since we lost access to our old certificate, we requested a new one and signed our release with it:
openssl dgst -sha512 -sign priv.key ./myapp.tar.gz | openssl base64
When we try to upload the release with the generated signature we always get the following error:
Signature is invalid: [(‘rsa routines’, ‘rsa_ossl_public_decrypt’, ‘data too large for modulus’)].
The tarball is around 8MB in size. We use the github link to the release atrifact (

I can generate the signature localy with openssl dgst -sha512 -sign priv.key -out sign.pem ./myapp.tar.gz and successfully verify it with openssl dgst -sha512 -verify pub.key -signature sign.pem ./my.tar.gz.

Does anyone know where this error come from and how to fix it?


Have you reregistered your app in the app store? An indication for this is that all app releases are removed from the appstore. So better make a copy of your releases before :wink:.

I did it maybe a week ago and it worked straight out of the box.

1 Like

Thank you! It finally worked!
I think the error message is a little missleading :sweat_smile:

1 Like