when I try to genrate CSID I got this error
" ORA-29024: Certificate validation failure "
using oracle pl/sql
DECLARE
l_http_req UTL_HTTP.req;
l_http_resp UTL_HTTP.resp;
l_url VARCHAR2(4000) := ‘https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance’;
l_body CLOB := ‘{“csr”: “LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQlFUQ0I2QUlCQURCZ01Rc3dDUVlEVlFRR0V3SlRRVEVXTUJRR0ExVUVDd3dOVW1sNVlXUm9JRUp5WVc1agphREVsTUNNR0ExVUVDZ3djUVd4bFpYTmpieUJTWldGa2VVMXBlQ0JEYjI1amNtVjBaU0JEYnpFU01CQUdBMVVFCkF3d0pNUzFCYkdWbGMyTnZNRll3RUFZSEtvWkl6ajBDQVFZRks0RUVBQW9EUWdBRStoTjJsbllYRWpWTFRSWlAKM1JMc2JCeDgveHlKYXZ4VmNSc28xSGEzdDVzR1lZc01TcEJCL2N5UWdabEUzaEliSWNUSjRaUDdVeEdHZ2lNSgpvRVFVWXFBcE1DY0dDU3FHU0liM0RRRUpEakVhTUJnd0NRWURWUjBUQkFJd0FEQUxCZ05WSFE4RUJBTUNCZUF3CkNnWUlLb1pJemowRUF3SURTQUF3UlFJZ1F1V2kycmNISkZtY0V3V3BKbWNzUkluSmU5TkFVZlB2TnAxQlUxNncKRUlnQ0lRQytFSHBmbXNDM2xNcmhoZFlxeXZuTTRmTVdLaHNvaHFtNTUvWWEzRC80OWc9PQotLS0tLUVORCBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0=”}’;
l_buffer VARCHAR2(32767);
BEGIN
– Initialize HTTP Request
l_http_req := UTL_HTTP.begin_request(l_url, ‘POST’, ‘HTTP/1.1’);
-- Set Headers
UTL_HTTP.set_header(l_http_req, 'accept', 'application/json');
UTL_HTTP.set_header(l_http_req, 'OTP', '534184');
UTL_HTTP.set_header(l_http_req, 'Accept-Version', 'V2');
UTL_HTTP.set_header(l_http_req, 'Content-Type', 'application/json');
-- Send Request Body
UTL_HTTP.write_text(l_http_req, l_body);
-- Get Response
l_http_resp := UTL_HTTP.get_response(l_http_req);
-- Read Response
LOOP
UTL_HTTP.read_text(l_http_resp, l_buffer);
:P1_NEW := l_buffer;
END LOOP;
-- Close HTTP Connection
UTL_HTTP.end_response(l_http_resp);
EXCEPTION
WHEN OTHERS THEN
:P1_NEW :='Error: ’ || UTL_HTTP.get_detailed_sqlerrm;
END;
Dear @Wmoheb,
The submitted CSR is missing the required extensions of the ZATCA template, would you please elaborate on the method that has been used to generate the CSR? of it was obtained using OpenSSL, then please ensure that you include the extensions tag in the generation command so the OpenSSL capture all of the extensions specified in the CSR config file (.CNF)
Some OpenSSL versions (older versions) don’t require such extensions tags to be specified in the generation command, while other versions (newer versions) require the extensions tag to be exist in the CSR generation command, so make sure to take this into your consideration.
Once you generated a new CSR and it was longer in length that this submitted CSR, it will probably get this issue solved, also, kindly share the API response from ZATCA if you still face the issue.
Regards,
The issue doesn’t seem to be related to the CSR. The request isn’t even reaching the ZATCA platform due to an SSL/TLS handshake problem. The error appears to be originating from the HttpClient, preventing the connection from being established in the first place. The CSR issue would only become relevant once a successful SSL/TLS connection is made.
The Oracle error ORA-29024: Certificate validation failure indicates that the Oracle database was unable to validate the SSL/TLS certificate of the server it was attempting to connect to. This often occurs when using functions like UTL_HTTP.REQUEST or APEX_WEB_SERVICE.MAKE_REST_REQUEST to access HTTPS URLs.
As a troubleshooting step, try accessing a different endpoint, regardless of what it is. If you encounter the same issue, consider using a proxy.
thank you all
now I got the final CSID and I’m ready
but I used POSTMAN
now I can use oracle pl/sql or Js
Basic auth … OK
headers V2,EN … OK
body raw/JSON …
{
“invoiceHash”: “kkkkkkkkkkkkkk=”, // is that must generate with every invoice???
“uuid”: “8e6000xxxxxxxxxxxxxx”, // is that must generate with every invoice???
“invoice”: “PD94bWwgdmVyc2lvbj0iMS4wIiBlbm”
} I made it by xml then encode to base64 … OK
1 Like