I have everything created config.cnf, privatekey, public key and then going for csr with proper command but still getting same error ‘Invalid-CSR’
{“errorCode”:“400”,“errorCategory”:“Invalid-CSR”,“errorMessage”:“The provided Certificate Signing Request (CSR) is invalid.”}

execute_command([OPENSSL_PATH, “ecparam”, “-name”, “secp256k1”, “-genkey”, “-noout”, “-out”, os.path.join(cert_path, ‘privatekey.pem’)])

Generate public key

execute_command([OPENSSL_PATH, “ec”, “-in”, os.path.join(cert_path, ‘privatekey.pem’), “-pubout”, “-conv_form”, “compressed”, “-out”, os.path.join(cert_path, ‘publickey.pem’)])

Generate CSR (Certificate Signing Request)

execute_command([OPENSSL_PATH, "base64", "-d", "-in", os.path.join(cert_path, 'publickey.pem'), "-out", os.path.join(cert_path, 'publickey.bin')])

#GENRATE CSR
execute_command([OPENSSL_PATH, “req”, “-new”, “-sha256”, “-key”, private_key_path, “-extensions”, “v3_req”, “-config”, config_path, “-out”, csr_path])

CONVERTING CSR File to BASE64

execute_command([OPENSSL_PATH, “base64”, “-in”, csr_path, “-out”, csr_base64_encoded_file_path])

plz help

Dear @tek1966

Thanks for reaching out, welcome to our community.

Please try to follow these steps:

1- Create private key

openssl ecparam -name secp256k1 -genkey -noout -out ec-secp256k1-priv-key.pem

2- Create public key

openssl ec -in ec-secp256k1-priv-key.pem -pubout > ec-secp256k1-pub-key.pem

3- Create CSR

openssl req -new -sha256 -key ec-secp256k1-priv-key.pem -extensions v3_req -config config.cnf -out my.csr

If this doesn’t work, then Can I kindly ask you to share the .cnf file to double check it?

Thanks,
Ibrahem Daoud.

Please share Config.csr file, you have some issue in the file itself.

Issue resolved. Actually the issue was related to OpenSSL.

are you working on Simulation or Production?

I am using Simulation, But i m facing new issue when trying to generate PCSID.
Everything is successfully running like CCSID generation , and all Compliance check but during Generation of PCSID with simulation i facing below error:-

{
“errorCode”: “400”,
“errorCategory”: “Invalid-CSR”,
“errorMessage”: “The provided Certificate Signing Request (CSR) is invalid.”
}

i m using API for this is :-:

https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/production/csids

csrconfig.cnf is below:-
oid_section = my_oids
[my_oids]
tsa_policy1 =1.3.6.1.4.1.311.20.2

[ req ]
default_bits = 2048
emailAddress = bilaljmal@gmail.com
req_extensions = v3_req
x509_extensions = v3_ca # The extensions to add to the self signed cert
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C=SA
O=Noora Ayed Sayed Al-Shhri Est
OU=Jeddah Branch
CN=4030213532

[ req_ext ]

1.3.6.1.4.1.311.20.2 =ASN1:PRINTABLESTRING:b’…PREZATCA-Code-Signing’
subjectAltName = dirName:alt_names

[ v3_req ]

Extensions to add to a certificate request

basicConstraints = CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment

[ alt_names ]
SN=1-TSS|2-ERP|3-430fd4b1-5063-4e1d-9cdc-08ce31ca51f1S
UID=310200338700003
title=1100
registeredAddress=Jeddah
businessCategory=Information Technology

i m waiting for your response

check this line, maybe something wrong with that

Can you share CSR and CSID also