How to use Apple's new .p8 certificate for APNs in firebase console

Asked 24/9, 2016 at 3:52 Answered 12/5, 2021 at 9:21

ios firebase apple-push-notifications p12 p8

116

With the recent up gradation of the Apple developer accounts, I am facing a difficulty that while trying to create the push notification certificates, it is providing me with (.p8) certificate instead of APNs ones which can be exported to (.p12).

Firebase console only accepts (.p12) certificates so how I can get that out from these new (.p8) certificates.

Any answered 24/9, 2016 at 3:52 Comment(4)

Where you get the .p8 certificate? I can still create the .p12 from my KeyChain. – Brindabrindell 24/9, 2016 at 5:16

I updated my license of apple account 2 days back and it is giving me .p8 certificates instead of p12 directly without even asking for the CSR file – Any 24/9, 2016 at 14:31

can you get solution ?? – Pacifist 26/9, 2016 at 10:44

@DhavalBhadania I posted my answer below – Any 24/10, 2016 at 4:39

I was able to do this by selecting "All" located under the "Keys" header from the left column

Then I clicked the plus button in the top right corner to add a new key

Enter a name for your key and check "APNs"

Then scroll down and select Continue. You will then be brought to a screen presenting you with the option to download your .p8 now or later. In my case, I was presented with a warning that it could only be downloaded once so keep the file safe.

Linen answered 24/6, 2017 at 5:13 Comment(5)

Thanks, the developer account has updated. There is no more APNs Auth Keys into Certificates – Firing 6/7, 2017 at 9:28

Thanks, you saved me! – Butylene 23/3, 2018 at 5:45

@John can you help me out, I've been stuck for the past few days. I can't get fcm working.. stackoverflow.com/questions/50292269 – Vetiver 13/5, 2018 at 22:21

They key may not expire, but "provisioning profiles" do. Are they still required to send push notifications, or can we get rid of them safely? Thanks – Leacock 11/6, 2018 at 22:16

@John Idasetima I'm confused how this answer the question - which was Firebase only accepts p12 but the new key is p8. Your answer just says how to download the key as a p8. Are you saying Firebase accepts the p8 as well as the p12? – Daina 11/7, 2019 at 21:47

Apple have recently made new changes in APNs and now apple insist us to use "Token Based Authentication" instead of the traditional ways which we are using for push notification.

So does not need to worry about their expiration and this p8 certificates are for both development and production so again no need to generate 2 separate certificate for each mode.

To generate p8 just go to your developer account and select this option "Apple Push Notification Authentication Key (Sandbox & Production)"

Then will generate directly p8 file.

I hope this will solve your issue.

Read this new APNs changes from apple: https://developer.apple.com/videos/play/wwdc2016/724/

Also you can read this: https://developer.apple.com/library/prerelease/content/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/APNsProviderAPI.html

Hannon answered 26/9, 2016 at 12:53 Comment(12)

Can we convert .p8 to .PEM type? – Recommit 28/9, 2016 at 14:8

Any platform which required .p8 does not need .PEM file, if it is still required then you need to make it separate – Hannon 28/9, 2016 at 18:11

I think Firebase does not yet support the use of APNs Auth Keys (.p8). But at the same time, it is easier to just do it from your own server now. – Endstopped 20/10, 2016 at 23:33

Thanks - I'm not using firebase, but I found this answer most helpful for moving from .pem to .p8 files. I also found this step-by-step guide from Apple to be invaluable; it was the next step for me after following your answer : eladnava.com/… – Hauser 21/10, 2016 at 8:14

@HardikShah This option "Apple Push Notification Authentication Key (Sandbox & Production)" is not available. why? – Mini 19/6, 2017 at 10:7

@HardikShah is there an option to delete previous Keys created in developer.apple.com? I only see a + button, but no - button , or delete.. – Vetiver 11/5, 2018 at 10:29

@HardikShah any idea what I am doing wrong? I can't get fcm to work. Please red my question stackoverflow.com/questions/50292269 – Vetiver 13/5, 2018 at 22:22

@Vetiver Have you tested to send push notification from the firebase console itself? What are you getting? – Hannon 14/5, 2018 at 8:55

@HardikShah I tried to send push notifications from firebase console itself and I get error Invalid APNs certificate. Check the certificate in settings. Once I download the p8 file from developer.apple.com, the only thing I did was to upload it in firebase console in box that reads APNs Authentication Key . Do I have to double click or do anything else with the p8 file on my Mac? – Vetiver 14/5, 2018 at 9:0

@Vetiver Steps in your questions seems perfectly fine. Just double check that the APP id and bundle ID is proper while adding p8. Actually, it is pretty straightforward process nothing fancy but if you getting trouble then I recommend you that please verify 2 things and if still not work then create a fresh test project and try to do that. Sometimes when we try hard nothing works so in that case it is better to fresh start. – Hannon 14/5, 2018 at 9:5

I know this question is not directly related but I am getting: Exception: TooManyProviderTokenUpdates after updating my certificates to .p8 [#57912197 I am using apns2 library. Can you answer my question? – Fascista 12/9, 2019 at 17:39

This flow generates a .cer file not a .p8 file. Does the .cer need to be converted somehow? – Calvaria 27/5, 2020 at 8:28

May 2021 - Generating `.p8` file instead of `.cer` file

The issue that I had was I couldn't find the way to create the .p8 file and all methods gave me .cer file instead.

Use the Safari, otherwise you may end up with an invalid file.
Head to your Apple developer account
Go to the keys section and click on the plus button (or click here):

⚠️ It is very important to select the keys section and NOT the certificate or identifiers. otherwise you will get the .cer file at last 🤷🏻‍♂️

Select the Apple push notification service:

⚠️ Note that since it is very powerful certificate, it is very limited and you can not have much of these. So if you already created one, you will face something like this image and you should use that file or just revoke the old one.

Download the.p8 file and secure it somewhere.

Zeph answered 12/5, 2021 at 9:21 Comment(2)

This is it, thanks!! The answer, after 2 hours of trying to convert .cer to .pem or .p12 and to .p8, was pretty simple. – Anticipate 6/8, 2021 at 7:38

Hello. As the key was generated, it seems that you can download it only once. After that, it just says that it was already downloaded. I do not have that file anymore (was not the one that created it and downloaded it). What can I do in this situation? Thanks. – Weapon 4/3 at 8:21

So, After taking a while I figured out that the old push certificate generating service also exists.

You get two options:

Apple Push Notification Authentication Key (Sandbox & Production)
Apple Push Notification service SSL (Sandbox & Production)

Those who want to achieve the old style .p12 certificate can get it from second option. I have not used the first option yet as most of the third-party push notification service providers still need the .p12 format certificate.

Any answered 24/10, 2016 at 4:39 Comment(6)

This option "Apple Push Notification Authentication Key (Sandbox & Production)" is not available. Why ? – Mini 19/6, 2017 at 10:12

I am also not able to find this option in the Developer.apple.com, is it any another way to create this p8 file? or to convert a p12 to P8? – Singletary 19/6, 2017 at 10:48

@ParthMehta Did you get any solution for this? – Mini 20/6, 2017 at 10:55

Same here. I do not see Apple Push Notification Authentication Key option – Longerich 21/6, 2017 at 23:23

Same, the ` Authentication Key` option is not available for me :( – Disconnection 10/4, 2019 at 9:57

It complains unless you set the team id on the project settings first. For some reason google wants to read the TeamId for you – Disk 16/4, 2019 at 17:18

Firebase console is now accepting .p8 file, in fact, it's recommending to upload .p8 file.

Sabbatarian answered 15/6, 2017 at 13:14 Comment(5)

Please correct me if wrong, but that App ID prefix is actually the Team ID found at the Membership Information page, right? Because the tooltip clearly says it's located at the Membership Information page, and it even links to it. – Leacock 11/6, 2018 at 22:34

What is the "Key ID" referenced there? Consider me a noob. – Woodworth 21/5, 2019 at 15:51

@UmairAhmed The string of the device token you receive when you ask to register for push notifications. – Sortilege 7/6, 2019 at 17:43

No. It's not the device token. It's the string after the underscore in the name of the .p8 file. Like this ---> AuthKey_A5HG8NYIFC.p8. Also you can see it after creating the key in the Key menu in Certificates, Identifiers & Profiles section in Apple Developer Website. – Macready 11/9, 2019 at 14:57

DO NOT FORGET TO DOWNLOAD YOUR "P8" FILE WITH SAFARI, otherwise it might not work!!!! – Reasonable 12/4 at 17:22

Follow these steps:

1. Generate an APNs Auth Key
Open the APNs Auth Key page in your Developer Center and click the + button to create a new APNs Auth Key.

In the next page, select Apple Push Notification Authentication Key (Sandbox & Production) and click Continue at the bottom of the page.

Apple will then generate a .p8 key file containing your APNs Auth Key.

Download the .p8 key file to your computer and save it for later. Also, be sure to write down the Key ID somewhere, as you'll need it later when connecting to APNs.

2. Send Push Notifications

Ref: APNS (Configure push notifications)

Important: Save a back up of your key in a secure place. It will not be presented again and cannot be retrieved later.

Aporia answered 19/6, 2017 at 16:17 Comment(7)

APN's Auth Key does not exist in my developer portal. Does anyone know why? – Longerich 21/6, 2017 at 23:24

@Longerich - It can be generated once and won't be visible (removes APNS Auth key options) again. Here is reference to your query (help.apple.com/xcode/mac/current/#/…). If you have generated it previously, then it won't be visible to you again. – Aporia 22/6, 2017 at 1:17

I wonder if your link only works for people who paid to have an Apple Developer account. For me, it redirects to developer.apple.com/account/#/welcome – Indeciduous 15/4, 2018 at 19:22

@Aporia I've been stuck for the past few days trying to connect to firebase cloud messaging using the .p8 file and I can't get it to work. Could please have a look at my questions stackoverflow.com/questions/50292269 – Vetiver 13/5, 2018 at 22:25

It doesn't download a p8 file for me :-| – Galbanum 22/9, 2018 at 16:35

Double clicked - it is opened in text editor instead. How to return the default behaviour you described? – Killie 5/3, 2020 at 10:21

hey @Krunal, thanks for the answer, I've worked for make it work but when I get even documentation for FCM it did not work when I upload it p8 file (APNS Key). I had to upload a p12 file too like the old style. I cannot find the problem – Tiffanytiffi 26/4, 2021 at 11:40

You can create the .p8 file for it in https://developer.apple.com/account/

Then go to Certificates, Identifiers & Profiles > Keys > add

Select Apple Push Notification service (APNs), put a Key Name (whatever).

Then click on "continue", after "register" and you get it and you can download it.

Uniaxial answered 2/4, 2020 at 16:19 Comment(0)

When you upload your p8 file in Firebase, in the box that reads App ID Prefix(required) , you should enter your team ID. You can get it from https://developer.apple.com/account/#/membership and copy/paste the Team ID as shown below.

Vetiver answered 1/5, 2018 at 15:6 Comment(1)

Thank you, I was looking for that exactly. The label is clearly wrong in FCM console and no one has noticed that error, even a year after. – Leacock 11/6, 2018 at 22:36

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

May 2021 - Generating .p8 file instead of .cer file

Recommended topics

Hot tags

May 2021 - Generating `.p8` file instead of `.cer` file