I am unable to use the P8 private key for APNS to push notifications via JWT. I am trying to verify that the key is good, but I can't even use openssl to change its format.
$ openssl pkcs8 -in AuthKey_DE4BZ3EFCZ.p8 -out AuthKey.pem
Error reading key
18784:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:.\crypto\pem\pem_lib.c:753:
I am using a Node JS script to test the notification, using jws module and I get the following error:
crypto.js:283
var ret = this._handle.sign(toBuf(key), null, passphrase);
^
Error: error:0906D066:PEM routines:PEM_read_bio:bad end line
at Error (native)
at Sign.sign (crypto.js:283:26)
...
...
Is there something wrong with private key, or am I doing something wrong? A quick research on the net points to the version of openssl libraries. What version of openssl do I need to make this work?
I figured it out... The PKCS8 private key that apple generates has the key encoded all on one line, like this:
-----BEGIN PRIVATE KEY----- MIIDBjCCAm8CAQAwcTERMA8GA1UEAxMIcXV1eC5jb20xDzANBgNVBAsTBkJyYWluCmHFqMOvXaFlT/BBBBBBBBBBBBBBBBBBBBBBBBBDAQehRANCAACCCCCCCRnZHgbzkA1DPsDBQPDhm76d6lgaGUC9M+AAAAAAAAAAAAAAAAAAAAAAAAAAsAnAZ14noyVWSBV/nsIM -----END PRIVATE KEY-----
And it needs to be 64 chars per line for crypto library to accept it. Like this:
-----BEGIN PRIVATE KEY----- MIIDBjCCAm8CAQAwcTERMA8GA1UEAxMIcXV1eC5jb20xDzANBgNVBAsTBkJyYWlu CmHFqMOvXaFlT/BBBBBBBBBBBBBBBBBBBBBBBBBDAQehRANCAACCCCCCCRnZHgbz kA1DPsDBQPDhm76d6lgaGUC9M+AAAAAAAAAAAAAAAAAAAAAAAAAAsAnAZ14noyVW SBV/nsIM -----END PRIVATE KEY-----