DEV Community

Cover image for 📲 Why Your iOS Push Notifications Just Died: APNs Certificates vs. Keys
George Ikwegbu Chinedu
George Ikwegbu Chinedu

Posted on

📲 Why Your iOS Push Notifications Just Died: APNs Certificates vs. Keys

#flutter #firebase #ios #apple

Cover image source: RDNE Stock project by RDNE

If you've been building Flutter apps for a while, you know the sinking feeling of a QA report saying: "Push notifications stopped working on iOS." You check the code, and nothing has changed. You check Android, and it works perfectly.

Then you log into Firebase and see it: The dreaded red box. Your APNs certificates have expired.

In this article, we'll dive into the fundamental difference between APNs Certificates and Auth Keys, and why as a seasoned developer, you should almost always choose the latter.

The Contenders: .p12 vs. .p8

For years, developers relied on APNs Certificates (.p12 files). While they work, they come with a high maintenance cost. Recently, Apple introduced APNs Authentication Keys (.p8 files), which have quickly become the industry standard.

1. APNs Certificates (.p12)

  • Expiration: They expire every 12 months. If you forget to renew them, your production notifications stop instantly.
  • Scope: Each certificate is tied to a single App ID. If you have 5 apps, you manage 5 certificates.
  • Environment: You often need separate certificates for Development (Sandbox) and Production.

2. APNs Authentication Keys (.p8) — Recommended

  • Expiration: They never expire. Set it once, and forget it forever.
  • Scope: One key works for all your apps under a single Apple Developer account.
  • Environment: The same key handles both Sandbox and Production environments seamlessly.

Step-by-Step: How to Get Your APNs Credentials

Option A: The Modern Way (APNs Auth Key)

This is the "Pro" move to ensure your notifications never die again.

  1. Apple Developer Portal: Log in and head to Certificates, Identifiers & Profiles.
  2. Create Key: Click Keys on the left sidebar, then hit the (+) button.
  3. Configure: Give it a name (e.g., "Firebase_Global_Key") and check the box for Apple Push Notifications service (APNs).
  4. Register & Download: Click Continue, then Register. Download the .p8 file.
    • Warning: You can only download this file **ONCE. Store it securely!
  5. Firebase Setup: Go to Project Settings > Cloud Messaging. Under your iOS app, upload the .p8 file. You’ll need your Key ID (found on the download page) and your Team ID (found in your Apple account membership details).

Option B: The Old Way (APNs Certificate)

Use this only if your specific infrastructure requires it.

  1. Apple Developer Portal: Go to Certificates and click (+).
  2. Select Type: Choose Apple Push Notification service SSL (Sandbox & Production).
  3. Choose App ID: Select the specific Bundle ID for your app.
  4. CSR Request: You’ll need to upload a Certificate Signing Request (CSR) generated from your Mac's Keychain Access app.
  5. Download & Export: Once generated, download the .cer file. Double-click to add it to your Keychain, then right-click and Export it as a .p12 file.
  6. Firebase Setup: Upload this .p12 file to Firebase under Cloud Messaging.

The Expert Verdict

Stop using .p12 certificates. The overhead of annual renewals and multi-app management is a productivity killer. Switch to a .p8 Auth Key today to safeguard your app's communication and keep your QA team happy.

Happy Fluttering! 🚀

Top comments (0)