we are currently using an APNs Authentication Key to send notifications and have not generated any Development or Production APNs certificates. Could you please confirm whether using the APNs Authentication Key alone is sufficient under the updated requirements?
Alternatively, do we need to generate Development and Production APNs certificates that support SHA-2 for compliance with the changes?
The server Root CA Certificate is beyond any APNs certificates for your servers, or ones you build your app with. It is required to be able to create a secure https connection to the APNs hosts. Regardless of you using certificate or token based authentication, you need this certificate to create a connection.
Therefore you need to make sure that this new certificate is present in any server you have that communicates directly with APNs.
Argun Tekant / DTS Engineer / Core Technologies