Could you please help us. For most of our customers everything works as expected. But some clients have difficulties to onboard devices.
- CSR generation is successful
- generation of compliance CSID is successful
- compliance checks are successful
- generation of production CSID is failed with the following response:
{"code":"Invalid-CurrentCCSID","message":"The provided CurrentCCSID is invalid"}
Please note that it is happening not for every client. The error is very cryptic and does not disclose what exactly is wrong. For instance if I change the compliance_request_id to random number, I will get exactly same response.
Could you please clarify the standards, what is allowed, what is not allowed in CSR data and in CSID data, like arabic letters allowed or not etc…
Currently some our customers are stuck and cannot proceed, as this error is not on our side and we do not know how to properly fix it.
Dear @sergei.shishov
Thank you for reaching out
Kindly note that i was a known issue and has been solved could you try again.
o resolve the CSR generation error, follow these steps:
1-Access Fatoora Portal
Click Onboard New Solution Unit/Device to generate the OTP. Use the Simulation environment unless onboarded in Production, where OTP must be obtained from Production.
2-Prepare Config File
Ensure the VAT number in the CSR config file matches the VAT number linked to Fatoora.
3- Use the below COmmands to generate the csr
Java:
Simulation: fatoora -sim -csr -csrConfig <configfile.properties>
Production: fatoora -csr -csrConfig <configfile.properties>
.NET:
Simulation: fatooranet csr -sim -csrConfig <configfile.properties>
Production: fatooranet csr -csrConfig <configfile.properties>
5-Generate The CCSID Using API Endpoints
Simulation: https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance
Production: https://gw-fatoora.zatca.gov.sa/e-invoicing/core/compliance
If you need further assistance, feel free to reach out.
Thanks,
Hi @halrashidy , just to note that we are using our custom implementation, therefore these comments are not helpful.
There were a lot of different topics at some point in time, like do not use Arabic for CSR names, now it is allowed, then there was a difference in order of subject fields which were causing exactly this case… and apparently the order should be specific (no word about it in the specification). Now I come up with the Organization (O) lengh limit - should be 64 according to the specification, but nothing is said in your implementation Security Standards about it…
I do not think that the User should read full RFC to implement the specification format. Also for the same length 80 inside the CSR Organization (O) tag - we can properly generate Compliance CSID, but when we try to generate Production CSID - it fails? Are we using different specification/logic for compliance and production CSIDs generation?
Best regards,
Sergei