Pushpad Logo Pushpad

Certificates and keys

Obtaining the Apple certificate for your website

Apple requires that you are enrolled in their developer program in order to add push notifications to your website. This is only required if you want to support Safari (desktop).

  1. Go to Apple Developers Member Center (you need to pay a fee to sign up)
  2. Go to Certificates, Identifiers & Profiles > Identifiers > Website Push IDs
  3. Create a new identifier: Description is the name of your website and ID is your reverse domain name prefixed with web. (e.g. web.com.example)
  4. Go to Certificates > Production
  5. Create a new certificate: select Website Push ID Certificate and your previously created ID
  6. Create a Certificate Signing Request and upload it:
    openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.pem
  7. Download your certificate
  8. Convert it to PEM format:
    openssl x509 -in website_aps_production.cer -inform DER -out website_aps_production.pem -outform PEM

When you create a new sender, as described in the Getting started section, you'll need to copy and paste the contents of privateKey.pem and website_aps_production.pem. Both files are in plain text and can be opened with any text editor or using the cat command.

Obtaining the GCM API key and sender ID for your website (legacy)

Pushpad now uses VAPID for authentication and you don't need these steps anymore. The documentation is kept for legacy projects.

Method 1: Firebase

  1. Go to Firebase
    Firebase step 1
  2. Click Create new project and enter your project name
    Firebase step 2
  3. Click the gear icon near your project name and click Project settings
    Firebase step 3
  4. Go to the Cloud messaging tab
    Firebase step 4
  5. Under Project credentials you can find your Server key (which is the GCM API key) and Sender ID

Method 2: Google Developers Console

Since Firebase is a project that includes Google Cloud Messaging, this legacy method still works. It has the advantage that it shows more options in the project settings and allows for API key reset for example.

  1. Go to Google Developers Console
  2. Click Create project and enter your project name
  3. From the API Manager, find Google Cloud Messaging and click Enable
  4. Go to Credentials and create an API key (Server key)
  5. You can find your sender ID in IAM & Admin > Settings > Project number