I'm trying to configure the Apple Push Notification Service (APNS) in the SAS Tenant, but
I wasn't able to do it for the reason that Tenant notifies me that the key or the certificate are invalid, probably because they don't match.
Perhaps I'm doing wrong when I try to upload the key and certificate in the Tenant.

My key has the following format:

auth: 
 key_identifier: "K86*******"
 encryption_key: |

-----BEGIN PRIVATE KEY-----
MIGTAgE*********************************************************
****************************************************************
****************************************************************
*****PR
-----END PRIVATE KEY----- 

And my PEM certificate has the following information:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:8d:c8:**:**:**:**:**:**:**:**:**:**:**:**:**
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Apple Worldwide Developer Relations Certification Authority, OU=G4, O=Apple Inc., C=US
        Validity
            Not Before: May  8 13:43:53 2024 GMT
            Not After : Jun  7 13:43:52 2025 GMT
        Subject: UID=com.services.xxx.ar.beta, CN=Apple Sandbox Push Services: com.services.xxx.ar.beta, OU=XXXXXXXXXX, C=US
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:22:8b:1f:a6:59:ab:4d:42:ae:24:d5:fa:88:
                    fb:a5:99:d2:95:ee:7d:2d:aa:0e:11:81:d1:cb:2b:
                    47:4b:61:25:84:13:ff:cc:81:32:d7:19:3e:43:0f:
                    **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:
                    **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:
                    **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:
                    **:**
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier: 
                keyid:5B:D9:FA:1D:E7:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**

            Authority Information Access: 
                CA Issuers - URI:http://certs.apple.com/wwdrg4.der
                OCSP - URI:http://ocsp.apple.com/ocsp03-wwdrg403

            X509v3 Certificate Policies: 
                Policy: 1.2.840.XXXXXX.100.5.1
                  User Notice:
                    Explicit Text: Reliance on this certificate by any party assumes acceptance of the then applicable standard terms and conditions of use, certificate policy and certification practice statements.
                  CPS: https://www.apple.com/certificateauthority/

            X509v3 Extended Key Usage: 
                TLS Web Client Authentication
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.apple.com/wwdrg4-8.crl

            X509v3 Subject Key Identifier: 
                E1:A2:6A:52:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**
            X509v3 Key Usage: critical
                Digital Signature
            1.2.840.XXXXXX.100.6.3.6: 
                0....com.services.xxx.ar.beta0...topic."com.services.xxx.ar.beta.voip0...voip.*com.services.xxx.ar.beta.complication0...complication.&com.services.xxx.ar.beta.voip-ptt0....voip-ptt
            1.2.840.XXXXXX.100.6.3.1: 
                ..
    Signature Algorithm: sha256WithRSAEncryption
         4e:b6:f9:2e:a6:4b:18:ee:4e:c3:e9:d4:87:7c:c6:e3:1c:2f:
         **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:
         **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:
         **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:
         *:*:*:**
-----BEGIN CERTIFICATE-----
MIIGwzCCBaugAwIBAgIQT43Ib7PkvDBu64j4xf8sZzANBgkqhkiG9w0BAQsFADB1
MUQwQgYDVQQDDDtBcHBsZSBXb3JsZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9ucyBD
ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTELMAkGA1UECwwCRzQxEzARBgNVBAoMCkFw
cGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTI0MDUwODEzNDM1M1oXDTI1MDYwNzEz
****************************************************************
****************************************************************
****************************************************************
*************************************************************g==
-----END CERTIFICATE-----

NOTE: I'm reading the pem certificate content with the following command in my Mac:

openssl x509 -in apns_certificate_cert.pem -text

I tried a couple of things but I did't manage to find the correct way to do it.

• First I tried to upload the content as I mentioned before (copy the entire contents). Didn't work.
• Second I tried to upload only -----BEGIN PRIVATE KEY----- *** -----END PRIVATE KEY----- part for the key field and -----BEGIN CERTIFICATE----- *** -----END CERTIFICATE----- part for the certificate field. Didn't work.
• Lastly, I tried to add some metadata in the following way for the certificate field:

Bag Attributes
    friendlyName: Apple Sandbox Push Services: com.services.xxx.ar.beta
    localKeyID: E1 A2 6A 52 BE ** ** ** ** ** ** ** ** ** ** ** ** ** ** **
subject=/UID=com.services.xx.ar.beta/CN=Apple Sandbox Push Services: com.services.xxx.ar.beta/OU=7C893PWHR8/C=US
issuer=/CN=Apple Worldwide Developer Relations Certification Authority/OU=G4/O=Apple Inc./C=US
-----BEGIN CERTIFICATE-----
MIIGwzCCBaugAwIBAgIQT43Ib7PkvDBu64j4xf8sZzANBgkqhkiG9w0BAQsFADB1
MUQwQgYDVQQDDDtBcHBsZSBXb3JsZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9ucyBD
ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTELMAkGA1UECwwCRzQxEzARBgNVBAoMCkFw
****************************************************************
****************************************************************
****************************************************************
****************************************************************
*****g==
-----END CERTIFICATE-----

It didn't work.

What's the correct way to upload this information?

I'm not sure what I'm doing wrong. Perhaps I'm not reading the certificate in the correct way or the format for the key and certificates are incorrect.

Hope you can help me. Thanks!