TokenError: Invalid private key provided for algorithm ES256

[bluepuma77]

Sorry, I am a bit lost. Had apns2 working with a .p8 file with sandbox, don't remember how I created that.

Now I created a new cert with Apple ("Apple Push Notification service SSL (Sandbox & Production)", which generated a .cer file, which I can import into "Keychain access" and export as .p12. But none of those seem to work with apns2:

push() ERROR undefined TokenError: Invalid private key provided for algorithm ES256.
    at checkIsCompatibleAlgorithm (/app/node_modules/fast-jwt/src/signer.js:39:11)
    at createSigner (/app/node_modules/fast-jwt/src/signer.js:236:7)
    at ApnsClient._getSigningToken (/app/node_modules/apns2/dist/apns.js:101:52)
    at ApnsClient._send (/app/node_modules/apns2/dist/apns.js:49:47)
    at ApnsClient.send (/app/node_modules/apns2/dist/apns.js:35:21)
    at push (file:///app/src/lib/push.js:27:37)
    at pusher_start (file:///app/src/lib/pusher.js:43:27)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  code: 'FAST_JWT_INVALID_KEY'
}

Even converted .p12 to a .pem (which contains public and private key in text), still get error:

TokenError: Public keys are not supported for signing.

Using node:20-alpine and apns2 11.7.0.

What am I missing?

[AndrewBarba]

You need to generate a p8 file not a cert/pem file. And note that the p8 file used for the sandbox also works with production. Follow this guide https://developer.apple.com/documentation/usernotifications/establishing-a-token-based-connection-to-apns

[bluepuma77]

@AndrewBarba Thanks! I tried to create a cert, but needed a key 😉