When I am doing compliance/invoices, I am getting these errors. I am testing the XML on the web and these errors are coming, and when I am doing it via the API, these errors are occurring. Can anyone help me resolve this?
Dear @obaidrehman
Thank you for reaching out & welcome to the community.
1- You can follow the below steps for the signing process:
1-After submitting the Certificate Signing Request (CSR) via the Compliance Request CSID API, you will receive a BinaryToken and a secret.
2-Decode the BinaryToken using a base64 decoder. The decoded value will be the x.509 certificate.
3-Navigate to the SDK directory: SDK/Data/Certificates/Cert.pem.
4-Replace the contents of the Cert.pem file with the x.509 certificate obtained from the decoded BinaryToken.
5-Insert the newly generated private key into the ec-secp256k1-priv-key.pem file.
6-For .Net SDK, run the following command: fatooranet -sign -invoice “invoice.xml”
7-The invoice will now be signed and can be successfully submitted during the compliance checks phase via the Compliance Invoice API.
Do the same steps with production CSID to sign and submit e invoices to the reporting APIs.
And if you are implementing the signing process in your own code, please refer to the below document:
SigningProcessUpdated.pdf (392.7 KB)
2- please make sure that you are using the production CSID and not the compliance CSID for signing invoices.
In the onboarding process, 2 CSIDs (X509 certificates) will be returned.
First one: after requesting the compliance CSID API, (which is the first step to do in onboarding process), we use this certifecate to sign invoices for the compliance checks step (compliance Invoice API), so we only use this certificate to sign invoices for the testing purposes in the compliance checks phase, as invoices in compliane checks are not being sent to ZATCA.
Second one: after requesting the production CSID API, we use this certificate to sign real invoices that are being sent to ZATCA by reporting API for simplified invoices or clearance API for standard invoices, however signing standard invoices is optional & not mandatory.
so, what suggested is to make sure that you are using the PCSID X5509 certificate to sign your invoices,and check again.
If you are still facing any issue, please don’t hessite to reach out.
E-invoicing@zatca.gov.sa
sp_support@zatca.gov.sa
Thank you.