this is my config file. after generating the CSR and sending the request, I get an “Invalid Request” error
but when I use the CSR provided by the Fatoora website, it works fine
Dear @mohamedhasan7422
Thanks for reaching out. Welcome to our community.
To provide comprehensive support as usual, can I kindly ask you to mention the exact steps that you followed from the beginning, along with the exact API that you are hitting?
Thanks,
Ibrahem Daoud.
Thank you for your interest
The first step is creating a config.cnf file
[req]
default_bits=2048
emailAddress=test_email@gmail.com
req_extensions=v3_req
x509_extensions=v3_Ca
prompt=no
default_md=sha256
req_extensions=req_ext
distinguished_name=dn
[dn]
C=SA
OU=Demora Branch
O=Test Company
[v3_req]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[req_ext]
certificateTemplateName = ASN1:PRINTABLESTRING:PREZATCA-code-Signing
subjectAltName = dirName:alt_names
[alt_names]
SN=1-Model|2-3492842|3-49182743421
UID=399999999900003
title=1100
registeredAddress=TestAddress
businessCategory=Software Development
The second step is creating a private key.
openssl ecparam -name secp256k1 -genkey -noout -out privatekey.pem
Creating a public key.
openssl ec -in privatekey.pem -pubout -conv_form compressed -out publickey.pem
The third step is creating a CSR.
openssl base64 -d -in publickey.pem -out publickey.bin
openssl req -new -sha256 -key privatekey.pem -extensions v3_req -config csrconfig.cnf -out .\taxpayer.csr
The fourth step is decoding the CSR.
openssl base64 -in taxpayer.csr -out taxpayerCSRbase64Encoded.txt
The fifth step is making a call to this endpoint.
gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/compliance
Dear @mohamedhasan7422
Thank you for your collaboration. Please note that the sandbox is intended only to clarify the onboarding steps. You can not successfully integrate using Sandbox.
The successful integration can be in the simulation or production environments. After your PCSID is received, it will contain “BinaryToken and Secret”. After that, you need to decode base64 the BinaryToken and replace it in the SDK following this path if you are using .Net-version “zatca-einvoicing-sdk-DotNet-238-R3.4.6\Data\Certificates”. Replace the content of the “cert.pem” file with your own PCSID (Decoded BinaryToken), knowing that when you sign your XML, you must use your PCSID and PrivateKey, that generated along with your CSR. In the same directory, you also need to replace the content of “ec-secp256k1-priv-key.pem” with your own Private key, as mentioned, the same one generated with your CSR.
Kindly follow the above steps in the simulation environment, ensure that you are using the OTP from the Simulation portal, and it should work as expected.
SDK installation link: Zatca
I hope it’s clear enough now.
Thanks,
Ibrahem Daoud.