Failed to sign invoice

Signing process
1

Hi,

I am unable to sign an invoice getting an error

1Openssl8.cnf
1Openssl8.cnf546×705 109 KB

(please provide certificate decoded base 64). We are working on SANDBOX (Test client). Following are the steps taken in a sequence.

  1. openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem
    Moved generated key to zatca-einvoicing-sdk/Data/Certificate/ec-secp256k1-priv-key.pem

  2. openssl ec -in PrivateKey.pem -pubout -conv_form compressed -out PublicKey.pem

  3. openssl base64 -d -in PublicKey.pem -out PublicKey.bin

  4. openssl req -new -sha256 -key privateKey.pem -extensions v3_req -config config.cnf -out taxpayer.csr
    Moved generated cert key to zatca-einvoicing-sdk/Data/Certificate/cert.pem

  5. Now we tried to sign the invoice by using
    fatoora -sign -invoice 91013993.xml
    Result is failed to sign invoice (please provide certificate decoded base64).

I have attached XML, Private key Public key and Certificate (notepad txt file) along with a CNF file (which is used to generate the CSR file) Please help to resolve this issue.

Private Key
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEIC8DIeuH4tqZxaCpqlZHhkZR/Bc5KYiT8Ud20InZj2UcoAcGBSuBBAAK
oUQDQgAE2sBOF8flooZ65gTLFnh3o2i1I2+rC8ClCi3yAprt/2nP8lHjjcZmJGbS
rGlMUzTmhWWD/akBuVrBZXanw6uL6g==
-----END EC PRIVATE KEY-----

-----BEGIN PUBLIC KEY-----
MDYwEAYHKoZIzj0CAQYFK4EEAAoDIgAC2sBOF8flooZ65gTLFnh3o2i1I2+rC8Cl
Ci3yAprt/2k=
-----END PUBLIC KEY-----

-----BEGIN CERTIFICATE REQUEST-----
MIICLTCCAdMCAQAwZjELMAkGA1UEBhMCU0ExEzARBgNVBAsMCjMxMDk0NzYwODgx
JzAlBgNVBAoMHkFsIFRpbGFsIFN0ZWVsIENvbXBhbnkgTGltaXRlZDEZMBcGA1UE
AwwQSmVkZGFoLVNhbmRCb3gtMTBWMBAGByqGSM49AgEGBSuBBAAKA0IABNrAThfH
5aKGeuYEyxZ4d6NotSNvqwvApQot8gKa7f9pz/JR443GZiRm0qxpTFM05oVlg/2p
AblawWV2p8Ori+qgggEMMIIBCAYJKoZIhvcNAQkOMYH6MIH3MCQGCSsGAQQBgjcU
AgQXExVQUkVaQVRDQS1Db2RlLVNpZ25pbmcwgc4GA1UdEQSBxjCBw6SBwDCBvTE/
MD0GA1UEBAw2MS1zYW5kYm94fERMMzgwfDMtMTcwODZlMjItYmJjNC00NmQ2LTk5
NzgtY2YyNDI1ZTA0MDVlMR8wHQYKCZImiZPyLGQBAQwPMzEwOTQ3NjA4ODAwMDAz
MQ0wCwYDVQQMDAQxMTAwMTcwNQYDVQQaDC43MDQ0IEFzIFNhaGlsIERpc3RyaWN0
IEplZGRhaCAyMjUxNyA0MDk4IFVuaXQxMREwDwYDVQQPDAhJbmR1c3RyeTAKBggq
hkjOPQQDAgNIADBFAiEA8SjD+TH+q6/trsdhvDrqJUBfL1bEW66A79iTdIDtnjMC
IAicyYrkZhKeKch3Xt6IbIHMYJ+7HQ+P7nM/5b/1pxYl
-----END CERTIFICATE REQUEST-----

I have attached the openssl8.cnf image file as well. We are using zatca-einvoicing-sdk-231-R3.1.7. Please suggest where is the issue.

2

Morning @RMU

Thanks for reaching out,

Please note that the Sandbox portal is only for explaining the onboarding steps and you can not onboard any device on it because it has a static cert. However, you can follow the same steps on simulation or production environments, since they are the only environment to ensure a successfully onboarding.

So our recommendations are the below:
1- Try the same steps on simulation env first, as it’s a test environment.
2- Make sure that you have access to fatoora simulation portal to get the OTP from it since you are using in the .cnf file certificateTemplateName to simulation env.
3- from the fatoora simulation portal you will find an APIs documentation which showing the right API to use in order (compliance, compliance checks, PCSID, clerance, and reporting) APIs.
4- after successfully onboarding in simulation env, you can start with production.

Please follow the mentioned steps, and you will be able to sign successfully your invoices.

If you faced any concerns after following the steps, do not hesitate to reach out.

Thanks,
Ibrahem Daoud.