Hello,
I have the SDK and the SDK is signing the XMLs, but I notice that Signature Value is always empty, what should I do?
ds:SignatureValue</ds:SignatureValue>
Regards
1 Like
Hello,
Today evening I encountered the following error while submitting a Simplified Tax Invoice to ZATCA. The same process and signing mechanism were working fine earlier, so I believe this might be related to the ZATCA server side or certificate validation.
Below is the API response:
400: {
“validationResults”: {
"infoMessages": \[
{
"type": "INFO",
"code": "XSD_ZATCA_VALID",
"category": "XSD validation",
"message": "Complied with UBL 2.1 standards in line with ZATCA specifications",
"status": "PASS"
}
\],
"warningMessages": \[\],
"errorMessages": \[
{
"type": "ERROR",
"code": "invalid-digital-signature",
"category": "SIGNATURE_ERRORS",
"message": "Invalid digital signature",
"status": "ERROR"
}
\],
"status": "ERROR"
},
“reportingStatus”: “NOT_REPORTED”
}
we are facing same issue since 4 hours now
we are facing same issue since 8 hours !!
until now no update…… no reply…….
we are facing same issue for all customers… I already sent an email to ZATCA and waiting for reply…
Any solutions for this issue?
In my case, I found that SignatureValue is going empty, so that I changed to the latest SDK zatca-einvoicing-sdk-238-R3.4.6 and changed my java version to 11 instead of 21, after that the SignatureValue calculated successfully.
Hi dear community,
We have the same issue. It has started on Friday on simulation for some devices. But now it is happening much more often. Could we please know the reason of this error and how to fix it. I have checked, the certificate is still valid (this was my first assumption, that it got expired). We were reporting using the same codebase for 2 years without any warnings. And now it is returning 400 and the document is not reported:
{
"validationResults": {
"infoMessages": [
{
"type": "INFO",
"code": "XSD_ZATCA_VALID",
"category": "XSD validation",
"message": "Complied with UBL 2.1 standards in line with ZATCA specifications",
"status": "PASS"
}
],
"warningMessages": [],
"errorMessages": [
{
"type": "ERROR",
"code": "invalid-digital-signature",
"category": "SIGNATURE_ERRORS",
"message": "Invalid digital signature",
"status": "ERROR"
}
],
"status": "ERROR"
},
"reportingStatus": "NOT_REPORTED"
}
@Ankit.K.Tiwari it would be nice to clarify the situation.
– Sergei
@sergei.shishov @hima223384 @SP_AdvanceSystem @ucitco @MohmedEmara @Saif ZATCA teams are investigating the root cause. Currently one of the reasons identified is if the Java version is not between Java 11 and Java 15, then it results in signature error. We will keep you posted here
Please note that we are not using SDK at all, we are using our self-crafted solution written in Python. And it was working for the last 2 years without any issues. We would like to know what does this error means, using this information we can check what is wrong.
On your BackEnd for sure you have some validation which leads to this error. It would be nice to know what this validation is about and then we can guess what we should change on our solution (non-SDK) to satisfy.
Cryptic errors without explanation on public API is not very helpful to be honest. It would be nice if the error has an explanation or at least the link to the explanation, that users can easily integrate and onboard themselves not only using SDK but using direct public API which you provide.
– Sergei
@sergei.shishov noted, as i mentioned it was one of the identified reasons.
@sergei.shishov @hima223384 @SP_AdvanceSystem @ucitco @MohmedEmara @Saif please try now and confirm. New validation has been rolled back from ZATCA’s side for immediate relief to impacted taxpayers.
Hi @Ankit.K.Tiwari,
Thank you for updating us. As the changes have been rolled back and now everything looks good, could we find out what was the changes about? I guess that these changes should be released at some point, but we need to make sure that they are correct and everyone else is ready for them.
As I understand, the additional validation of signature is going to be released, therefore the question is - what are these changes, how and what you are validating and probably some users should update their integrations. Just a note, a lot of users around not using SDK but instead using their own solutions.
It would be nice if we know what changes to expect and probably has an ability to test them out before they released to production.
– Sergei
1 Like
@sergei.shishov the new validation was intended to return a warning to those taxpayers who use a different private key for signing simplified invoices than the one generated along with PCSID. Teams are investigating the root cause for rejection in certain scenarios
@Ankit.K.Tiwari Can you confirm if this change is still available on Simulation.
So we can check for our certificate.
As I can see we did received invalid signature warnings.
you can resend it again
The validation was about SignatureValue in XML, I was using JAVA 21 and old SDK when I moved to the latest SDK and JAVA 11, the issue was solved and the signed XML contain SignatureValue.