The provided Certificate Signing Request (CSR) is invalid (Sim Mode)

Onboarding, renewal and revocation
1

I am getting the below error on SIM mode

The provided Certificate Signing Request (CSR) is invalid

My CSR config file is below

oid_section = OIDs

[OIDs]
certificateTemplateName=1.3.6.1.4.1.1311.20.2

[req]
default_bits = 2048
emailAddress = MyEmail@email.com
req_extensions = v3_req
x509_extensions = v3_ca
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[dn]
CN={$config[‘csr.common.name’]}
OU={$config[‘csr.organization.unit.name’]}
O={$config[‘csr.organization.name’]}
C={$config[‘csr.country.name’]}

[v3_req]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment
extendedKeyUsage = codeSigning

[req_ext]
certificateTemplateName = ASN1:PRINTABLESTRING:{$this->asn_template}
subjectAltName = dirName:alt_names

[alt_names]
SN={$config[‘csr.serial.number’]}
UID={$config[‘csr.organization.identifier’]}
title={$config[‘csr.invoice.type’]}
registeredAddress={$config[‘csr.location.address’]}
businessCategory={$config[‘csr.industry.business.category’]}

2

Dear @adeelshabic

Thanks for reaching out,

To provide comprehensive support as usual, can I kindly ask you to provide the exact steps you followed to generate the CSR?

Additionally, Providing some screenshots for the errors, warnings, URLs will be more than helpful for our investigations.

Thanks,
Ibrahem Daoud.

3

Steps are below, all steps working fine over sandbox but error on simulation mode

Step 1: Generate CSR and Private Key

Private Key (without header and footer):

MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQg+iDE8Ha8lislP7L8iCTjoxFkHw7/0DU/LzmIJZ9WChehRANCAAQNUYlVnkAuAC/Nc7ATyx76YQ/44A29F/sKJdWyCUWt4R4ixK9MYYxYg4brdcHd0xjw/s6QJBH6eXjwFBNpQWNM

Base64 Encoded CSR:

LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQitUQ0NBYUFDQVFBd1hERUxNQWtHQTFVRUJoTUNVMEV4RVRBUEJnTlZCQXNNQ0ZOb1lXSnBZME52TVNJdwpJQVlEVlFRS0RCbERiMjF3WVc1NUlGTklRVUpCUzBFZ1FVMUJUQ0JNZEdRdU1SWXdGQVlEVlFRRERBMVRTRUpMClUwRXRNVFV6TlRRNE1GWXdFQVlIS29aSXpqMENBUVlGSzRFRUFBb0RRZ0FFRFZHSlZaNUFMZ0F2elhPd0U4c2UKK21FUCtPQU52UmY3Q2lYVnNnbEZyZUVlSXNTdlRHR01XSU9HNjNYQjNkTVk4UDdPa0NRUitubDQ4QlFUYVVGagpUS0NCNURDQjRRWUpLb1pJaHZjTkFRa09NWUhUTUlIUU1DUUdDU3NHQVFRQmloOFVBZ1FYRXhWUVVrVmFRVlJEClFTMURiMlJsTFZOcFoyNXBibWN3Z2FjR0ExVWRFUVNCbnpDQm5LU0JtVENCbGpFN01Ea0dBMVVFQkF3eU1TMVUKVTFSOE1pMVVVMVI4TXkxbFpESXlaakZrT0MxbE5tRXlMVEV4TVRndE9XSTFPQzFrT1dFNFpqRXhaVFEwTldZeApIekFkQmdvSmtpYUprL0lzWkFFQkRBOHpNVEV4TlRVek9EVXhNREF3TURNeERUQUxCZ05WQkF3TUJERXhNREF4CkVUQVBCZ05WQkJvTUNGSlNVa1F5T1RJNU1SUXdFZ1lEVlFRUERBdEpWQ0JUWlhKMmFXTmxjekFLQmdncWhrak8KUFFRREFnTkhBREJFQWlCM2Y4bHlkbWtQNzJtZ0J0bGxQVHhwZ200RzVaL0lFRkdGdXB6RnI0T1lXZ0lnSHFlMwpLZU92SlpvUEo1WHhJYTVlVmtzeCtkVkEwMmNSR3dVWkEzK01rUG89Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQ==

Step 2: Get Compliance CSID

Server Response:

{
    "requestType": "Compliance CSID",
    "apiUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance",
    "requestID": 1738230445214,
    "dispositionMessage": "ISSUED",
    "binarySecurityToken": "TUlJQ0h6Q0NBY1NnQXdJQkFnSUdBWlMybTdTZU1Bb0dDQ3FHU000OUJBTUNNQlV4RXpBUkJnTlZCQU1NQ21WSmJuWnZhV05wYm1jd0hoY05NalV3TVRNd01EazBOekl3V2hjTk16QXdNVEk1TWpFd01EQXdXakJjTVFzd0NRWURWUVFHRXdKVFFURVJNQThHQTFVRUN3d0lVMmhoWW1salEyOHhJakFnQmdOVkJBb01HVU52YlhCaGJua2dVMGhCUWtGTFFTQkJUVUZNSUV4MFpDNHhGakFVQmdOVkJBTU1EVk5JUWt0VFFTMHhOVE0xTkRnd1ZqQVFCZ2NxaGtqT1BRSUJCZ1VyZ1FRQUNnTkNBQVFOVVlsVm5rQXVBQy9OYzdBVHl4NzZZUS80NEEyOUYvc0tKZFd5Q1VXdDRSNGl4SzlNWVl4WWc0YnJkY0hkMHhqdy9zNlFKQkg2ZVhqd0ZCTnBRV05NbzRHN01JRzRNQXdHQTFVZEV3RUIvd1FDTUFBd2dhY0dBMVVkRVFTQm56Q0JuS1NCbVRDQmxqRTdNRGtHQTFVRUJBd3lNUzFVVTFSOE1pMVVVMVI4TXkxbFpESXlaakZrT0MxbE5tRXlMVEV4TVRndE9XSTFPQzFrT1dFNFpqRXhaVFEwTldZeEh6QWRCZ29Ka2lhSmsvSXNaQUVCREE4ek1URXhOVFV6T0RVeE1EQXdNRE14RFRBTEJnTlZCQXdNQkRFeE1EQXhFVEFQQmdOVkJCb01DRkpTVWtReU9USTVNUlF3RWdZRFZRUVBEQXRKVkNCVFpYSjJhV05sY3pBS0JnZ3Foa2pPUFFRREFnTkpBREJHQWlFQTJhcitFVnIzd1l3dmpoSGdxYjJNYkRFbTRNVXA2eXJ6aDZuOHdhZHRDUzhDSVFDc3hJc05FWkYvL0o4cXM4YlRKWmVoM2dxSGpKcjBiL2dVWHA4d3J5bmJlZz09",
    "secret": "n8X3RRRbFqcaNNytJKpQitb9mktasmj9bbmeJKwHjdU="
}

Step 3: Sending Sample Documents

Each document type (Invoice, CreditNote, DebitNote) is checked for compliance. If all validations pass, it is either CLEARED or REPORTED.

Invoices PASSED/CLEARED/REPORTED

Step 4: Get Production CSID

Fatal Error:

Uncaught Exception: HTTP error after 3 retries: 400 - {"errorCode":"400","errorCategory":"Invalid-CSR","errorMessage":"The provided Certificate Signing Request (CSR) is invalid."}

CSR Config File

[OIDs]
certificateTemplateName = 1.3.6.1.4.1.311.20.2

[req]
default_bits = 2048
emailAddress = adeel@shabic.com
prompt = no
default_md = sha256
req_extensions = req_ext

# Use req_ext, since it contains CSR-specific extensions
distinguished_name = dn

[dn]
CN = SHBKSA-153548
OU = ShabicCo
O = Company SHABAKA AMAL Ltd.
C = SA

[v3_req]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment

[req_ext]
certificateTemplateName = ASN1:PRINTABLESTRING:PREZATCA-Code-Signing
subjectAltName = dirName:alt_names

[alt_names]
SN = 1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f
UID = 311155385100003
title = 1100
registeredAddress = RRRD2929
businessCategory = IT Services

SANDBOX OUTPUT

{
    "environmentType": "NonProduction",
    "csr": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQitqQ0NBYUFDQVFBd1hERUxNQWtHQTFVRUJoTUNVMEV4RVRBUEJnTlZCQXNNQ0ZOb1lXSnBZME52TVNJdwpJQVlEVlFRS0RCbERiMjF3WVc1NUlGTklRVUpCUzBFZ1FVMUJUQ0JNZEdRdU1SWXdGQVlEVlFRRERBMVRTRUpMClUwRXRNVFV6TlRRNE1GWXdFQVlIS29aSXpqMENBUVlGSzRFRUFBb0RRZ0FFVkZIQy8xWWRsK0ZhMkhWRU12a1UKSGZEZlFQakRUWDEzWW5xKzJTQnVZQnF5S0Y1WDB2b3lMSkszOVlDQTJYdEtZK2R5Q1hMSUFxdmoySTlmakZtcgpLS0NCNURDQjRRWUpLb1pJaHZjTkFRa09NWUhUTUlIUU1DUUdDU3NHQVFRQmloOFVBZ1FYRXhWVVUxUmFRVlJEClFTMURiMlJsTFZOcFoyNXBibWN3Z2FjR0ExVWRFUVNCbnpDQm5LU0JtVENCbGpFN01Ea0dBMVVFQkF3eU1TMVUKVTFSOE1pMVVVMVI4TXkxbFpESXlaakZrT0MxbE5tRXlMVEV4TVRndE9XSTFPQzFrT1dFNFpqRXhaVFEwTldZeApIekFkQmdvSmtpYUprL0lzWkFFQkRBOHpPVGs1T1RrNU9UazVNREF3TURNeERUQUxCZ05WQkF3TUJERXhNREF4CkVUQVBCZ05WQkJvTUNGSlNVa1F5T1RJNU1SUXdFZ1lEVlFRUERBdEpWQ0JUWlhKMmFXTmxjekFLQmdncWhrak8KUFFRREFnTklBREJGQWlFQTJjYmIwZTJlRi81WlN3bHM4TnRRT2RRSjFKcFBicERtMmN5NHNyRnJ1T3dDSUd3Ngp4RURjWFJkR3ZpWGlwOXJvVklVeHh0YjJGSHRBUTZCcXhjVTkyUkErCi0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQ==",
    "privateKey": "MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgAaXBM0/pR2kGNzOQpiydhInaYdXiKoPL+jgIPXw6zvehRANCAARUUcL/Vh2X4VrYdUQy+RQd8N9A+MNNfXdier7ZIG5gGrIoXlfS+jIskrf1gIDZe0pj53IJcsgCq+PYj1+MWaso",
    "OTP": "837527",
    "ccsid_requestID": 1234567890123,
    "ccsid_binarySecurityToken": "TUlJQ0hqQ0NBY1NnQXdJQkFnSUdBWlMycUNyaU1Bb0dDQ3FHU000OUJBTUNNQlV4RXpBUkJnTlZCQU1NQ21WSmJuWnZhV05wYm1jd0hoY05NalV3TVRNd01UQXdNRFUyV2hjTk16QXdNVEk1TWpFd01EQXdXakJjTVFzd0NRWURWUVFHRXdKVFFURVJNQThHQTFVRUN3d0lVMmhoWW1salEyOHhJakFnQmdOVkJBb01HVU52YlhCaGJua2dVMGhCUWtGTFFTQkJUVUZNSUV4MFpDNHhGakFVQmdOVkJBTU1EVk5JUWt0VFFTMHhOVE0xTkRnd1ZqQVFCZ2NxaGtqT1BRSUJCZ1VyZ1FRQUNnTkNBQVJVVWNML1ZoMlg0VnJZZFVReStSUWQ4TjlBK01OTmZYZGllcjdaSUc1Z0dySW9YbGZTK2pJc2tyZjFnSURaZTBwajUzSUpjc2dDcStQWWoxK01XYXNvbzRHN01JRzRNQXdHQTFVZEV3RUIvd1FDTUFBd2dhY0dBMVVkRVFTQm56Q0JuS1NCbVRDQmxqRTdNRGtHQTFVRUJBd3lNUzFVVTFSOE1pMVVVMVI4TXkxbFpESXlaakZrT0MxbE5tRXlMVEV4TVRndE9XSTFPQzFrT1dFNFpqRXhaVFEwTldZeEh6QWRCZ29Ka2lhSmsvSXNaQUVCREE4ek9UazVPVGs1T1RrNU1EQXdNRE14RFRBTEJnTlZCQXdNQkRFeE1EQXhFVEFQQmdOVkJCb01DRkpTVWtReU9USTVNUlF3RWdZRFZRUVBEQXRKVkNCVFpYSjJhV05sY3pBS0JnZ3Foa2pPUFFRREFnTklBREJGQWlCUDllWDFqb0hkbGJwRVpQbWx1MWNGSXhBdWhMWWpFTW52WFNBSExjY2pVZ0loQUtoYjlkbVR2WTBqazhRbjViTldNQUp0ZzF0Z3QzYzR5WXZiOUJsWDZCUEI=",
    "ccsid_secret": "plz5ClBZBt7epoASeMqRs7lrI3MmTU4SXw/mmN4OcaM=",
    "pcsid_requestID": 30368,
    "pcsid_binarySecurityToken": "TUlJRDNqQ0NBNFNnQXdJQkFnSVRFUUFBT0FQRjkwQWpzL3hjWHdBQkFBQTRBekFLQmdncWhrak9QUVFEQWpCaU1SVXdFd1lLQ1pJbWlaUHlMR1FCR1JZRmJHOWpZV3d4RXpBUkJnb0praWFKay9Jc1pBRVpGZ05uYjNZeEZ6QVZCZ29Ka2lhSmsvSXNaQUVaRmdkbGVIUm5ZWHAwTVJzd0dRWURWUVFERXhKUVVscEZTVTVXVDBsRFJWTkRRVFF0UTBFd0hoY05NalF3TVRFeE1Ea3hPVE13V2hjTk1qa3dNVEE1TURreE9UTXdXakIxTVFzd0NRWURWUVFHRXdKVFFURW1NQ1FHQTFVRUNoTWRUV0Y0YVcxMWJTQlRjR1ZsWkNCVVpXTm9JRk4xY0hCc2VTQk1WRVF4RmpBVUJnTlZCQXNURFZKcGVXRmthQ0JDY21GdVkyZ3hKakFrQmdOVkJBTVRIVlJUVkMwNE9EWTBNekV4TkRVdE16azVPVGs1T1RrNU9UQXdNREF6TUZZd0VBWUhLb1pJemowQ0FRWUZLNEVFQUFvRFFnQUVvV0NLYTBTYTlGSUVyVE92MHVBa0MxVklLWHhVOW5QcHgydmxmNHloTWVqeThjMDJYSmJsRHE3dFB5ZG84bXEwYWhPTW1Obzhnd25pN1h0MUtUOVVlS09DQWdjd2dnSURNSUd0QmdOVkhSRUVnYVV3Z2FLa2daOHdnWnd4T3pBNUJnTlZCQVFNTWpFdFZGTlVmREl0VkZOVWZETXRaV1F5TW1ZeFpEZ3RaVFpoTWkweE1URTRMVGxpTlRndFpEbGhPR1l4TVdVME5EVm1NUjh3SFFZS0NaSW1pWlB5TEdRQkFRd1BNems1T1RrNU9UazVPVEF3TURBek1RMHdDd1lEVlFRTURBUXhNVEF3TVJFd0R3WURWUVFhREFoU1VsSkVNamt5T1RFYU1CZ0dBMVVFRHd3UlUzVndjR3g1SUdGamRHbDJhWFJwWlhNd0hRWURWUjBPQkJZRUZFWCtZdm1tdG5Zb0RmOUJHYktvN29jVEtZSzFNQjhHQTFVZEl3UVlNQmFBRkp2S3FxTHRtcXdza0lGelZ2cFAyUHhUKzlObk1Ic0dDQ3NHQVFVRkJ3RUJCRzh3YlRCckJnZ3JCZ0VGQlFjd0FvWmZhSFIwY0RvdkwyRnBZVFF1ZW1GMFkyRXVaMjkyTG5OaEwwTmxjblJGYm5KdmJHd3ZVRkphUlVsdWRtOXBZMlZUUTBFMExtVjRkR2RoZW5RdVoyOTJMbXh2WTJGc1gxQlNXa1ZKVGxaUFNVTkZVME5CTkMxRFFTZ3hLUzVqY25Rd0RnWURWUjBQQVFIL0JBUURBZ2VBTUR3R0NTc0dBUVFCZ2pjVkJ3UXZNQzBHSlNzR0FRUUJnamNWQ0lHR3FCMkUwUHNTaHUyZEpJZk8reG5Ud0ZWbWgvcWxaWVhaaEQ0Q0FXUUNBUkl3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdNR0NDc0dBUVVGQndNQ01DY0dDU3NHQVFRQmdqY1ZDZ1FhTUJnd0NnWUlLd1lCQlFVSEF3TXdDZ1lJS3dZQkJRVUhBd0l3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUloQUxFL2ljaG1uV1hDVUtVYmNhM3ljaThvcXdhTHZGZEhWalFydmVJOXVxQWJBaUE5aEM0TThqZ01CQURQU3ptZDJ1aVBKQTZnS1IzTEUwM1U3NWVxYkMvclhBPT0=",
    "pcsid_secret": "CkYsEXfV8c1gFHAtFWoZv73pGMvh/Qyo4LzKM2h/8Hg=",
    "lastICV": "0",
    "lastInvoiceHash": "NWZlY2ViNjZmZmM4NmYzOGQ5NTI3ODZjNmQ2OTZjNzljMmRiYzIzOWRkNGU5MWI0NjcyOWQ3M2EyN2ZiNTdlOQ==",
    "complianceCsidUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/compliance",
    "complianceChecksUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/compliance/invoices",
    "productionCsidUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/production/csids",
    "reportingUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/invoices/reporting/single",
    "clearanceUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/invoices/clearance/single"
}

SIMULATION OUTPUT

{
    "environmentType": "Simulation",
    "csr": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQitqQ0NBYUFDQVFBd1hERUxNQWtHQTFVRUJoTUNVMEV4RVRBUEJnTlZCQXNNQ0ZOb1lXSnBZME52TVNJdwpJQVlEVlFRS0RCbERiMjF3WVc1NUlGTklRVUpCUzBFZ1FVMUJUQ0JNZEdRdU1SWXdGQVlEVlFRRERBMVRTRUpMClUwRXRNVFV6TlRRNE1GWXdFQVlIS29aSXpqMENBUVlGSzRFRUFBb0RRZ0FFY1IvQWMxeDhyc3MrekcxK1ZuQUwKZXNjVFAyV1ZwMzRKNytuYVhOT1ZOUGNRNEYrRnlqdUxJMHpjbCtiM0JHcll0cEhhQ096SDU5N1pGSm5qOFlzTApocUNCNURDQjRRWUpLb1pJaHZjTkFRa09NWUhUTUlIUU1DUUdDU3NHQVFRQmloOFVBZ1FYRXhWUVVrVmFRVlJEClFTMURiMlJsTFZOcFoyNXBibWN3Z2FjR0ExVWRFUVNCbnpDQm5LU0JtVENCbGpFN01Ea0dBMVVFQkF3eU1TMVUKVTFSOE1pMVVVMVI4TXkxbFpESXlaakZrT0MxbE5tRXlMVEV4TVRndE9XSTFPQzFrT1dFNFpqRXhaVFEwTldZeApIekFkQmdvSmtpYUprL0lzWkFFQkRBOHpNVEV4TlRVek9EVXhNREF3TURNeERUQUxCZ05WQkF3TUJERXhNREF4CkVUQVBCZ05WQkJvTUNGSlNVa1F5T1RJNU1SUXdFZ1lEVlFRUERBdEpWQ0JUWlhKMmFXTmxjekFLQmdncWhrak8KUFFRREFnTklBREJGQWlCR1lubFBmdjA5b3REZVMyTkc1MHRBd2tlRWtXRFJTU3BxMlhOSld2VTZsd0loQUsyTQpXcVlma2phMFcyUUladnBmS2ZnRmIwak51OS9GOW5MS0xOUWVHSldTCi0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQ==",
    "privateKey": "MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgSlREDbtIti/jDeUVKoqvRK+gHxBwTd96kpvi/z4OqJqhRANCAARxH8BzXHyuyz7MbX5WcAt6xxM/ZZWnfgnv6dpc05U09xDgX4XKO4sjTNyX5vcEati2kdoI7Mfn3tkUmePxiwuG",
    "OTP": "588666",
    "ccsid_requestID": 1738231378656,
    "ccsid_binarySecurityToken": "TUlJQ0h6Q0NBY1NnQXdJQkFnSUdBWlMycWZMZ01Bb0dDQ3FHU000OUJBTUNNQlV4RXpBUkJnTlZCQU1NQ21WSmJuWnZhV05wYm1jd0hoY05NalV3TVRNd01UQXdNalV6V2hjTk16QXdNVEk1TWpFd01EQXdXakJjTVFzd0NRWURWUVFHRXdKVFFURVJNQThHQTFVRUN3d0lVMmhoWW1salEyOHhJakFnQmdOVkJBb01HVU52YlhCaGJua2dVMGhCUWtGTFFTQkJUVUZNSUV4MFpDNHhGakFVQmdOVkJBTU1EVk5JUWt0VFFTMHhOVE0xTkRnd1ZqQVFCZ2NxaGtqT1BRSUJCZ1VyZ1FRQUNnTkNBQVJ4SDhCelhIeXV5ejdNYlg1V2NBdDZ4eE0vWlpXbmZnbnY2ZHBjMDVVMDl4RGdYNFhLTzRzalROeVg1dmNFYXRpMmtkb0k3TWZuM3RrVW1lUHhpd3VHbzRHN01JRzRNQXdHQTFVZEV3RUIvd1FDTUFBd2dhY0dBMVVkRVFTQm56Q0JuS1NCbVRDQmxqRTdNRGtHQTFVRUJBd3lNUzFVVTFSOE1pMVVVMVI4TXkxbFpESXlaakZrT0MxbE5tRXlMVEV4TVRndE9XSTFPQzFrT1dFNFpqRXhaVFEwTldZeEh6QWRCZ29Ka2lhSmsvSXNaQUVCREE4ek1URXhOVFV6T0RVeE1EQXdNRE14RFRBTEJnTlZCQXdNQkRFeE1EQXhFVEFQQmdOVkJCb01DRkpTVWtReU9USTVNUlF3RWdZRFZRUVBEQXRKVkNCVFpYSjJhV05sY3pBS0JnZ3Foa2pPUFFRREFnTkpBREJHQWlFQTZ4SXRKQzhUQ3IwdEhySlRDR3g2SUFZeU83NCtrald6ZS82SjlxNFBvNzhDSVFEZGtlRFhXTXRGSWszUzBTQkhtS09od0JrTmIyR1JjYWVZRk1STVZGV1k0Zz09",
    "ccsid_secret": "wbjxxyDozvDG/3RS/sTogHwIrL9Nx5N7/FaIpxiewwQ=",
    "pcsid_requestID": "",
    "pcsid_binarySecurityToken": "",
    "pcsid_secret": "",
    "lastICV": "0",
    "lastInvoiceHash": "NWZlY2ViNjZmZmM4NmYzOGQ5NTI3ODZjNmQ2OTZjNzljMmRiYzIzOWRkNGU5MWI0NjcyOWQ3M2EyN2ZiNTdlOQ==",
    "complianceCsidUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance",
    "complianceChecksUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance/invoices",
    "productionCsidUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/production/csids",
    "reportingUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/invoices/reporting/single",
    "clearanceUrl": "https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/invoices/clearance/single"
}

All below code in PHP

PRIVATE KEY GENERATION FUNCTION

public function generatePrivateKey()
    {

        $privateKey = openssl_pkey_new([
            'private_key_type' => OPENSSL_KEYTYPE_EC,
            'curve_name' => 'secp256k1', // Menggunakan SECP256K1 sesuai dengan permintaan
        ]);

        return $privateKey;
    }

CSR GENERATION

public function generateCsr()
    {
        // Menyusun file konfigurasi OpenSSL yang dinamis
        $configFile = $this->generateConfigFile();

        // Membuat private key
        $privateKey = $this->generatePrivateKey();

        // Membuat DN untuk CSR
        $dn = [
            "countryName" => $this->config['csr.country.name'] ?? 'SA',
            "organizationalUnitName" => $this->config['csr.organization.unit.name'] ?? '',
            "organizationName" => $this->config['csr.organization.name'] ?? '',
            "commonName" => $this->config['csr.common.name'] ?? '',
        ];

        // Pastikan untuk menyertakan file konfigurasi yang benar dalam csrConfig
        $csrConfig = [
            "config" => $configFile, // Menyertakan file konfigurasi yang telah dibuat
            "digest_alg" => "sha256",
        ];

        // Buat CSR menggunakan konfigurasi yang sudah diubah
        $csr = openssl_csr_new($dn, $privateKey, $csrConfig);

        if (!$csr) {
            throw new Exception('Error generating CSR: ' . openssl_error_string());
        }

        // Menandatangani CSR
        $csrPem = '';
        if (!openssl_csr_sign($csr, null, $privateKey, 365, ['digest_alg' => 'sha256'])) {
            throw new Exception('Error signing CSR: ' . openssl_error_string());
        }

        // Menyimpan private key dan CSR ke dalam format PEM
        openssl_pkey_export($privateKey, $privateKeyPem);
        openssl_csr_export($csr, $csrPem);

        // Strip header/footer dari private key
        $privateKeyContent = preg_replace('/-+BEGIN[^-]+-+|-+END[^-]+-+/', '', $privateKeyPem);  
        $privateKeyContent = str_replace(["\r", "\n"], '', $privateKeyContent); 

        // Hapus file sementara setelah selesai
        unlink($configFile);

        $csrPem = preg_replace("/\r\n|\r|\n/", "\n", $csrPem);
        $csrPem = trim($csrPem);

        // Encode CSR dalam Base64
        $csrBase64 = base64_encode($csrPem);

        return [$privateKeyContent, $csrBase64];
    }
4

Dear @adeelshabic

Thanks for reaching out,

Can I kindly ask you to share the API that you are hitting in step 4: Get Production CSID?

Thanks,
Ibrahem Daoud.

5

Dear @idaoud

Its working fine, I have resolved that issue. Thanks

1 Like
6

Can you please tell me what the issue is? I am getting the same error?

7

@adeelshabic could you be so kind and share what was the problem and how exactly you solved the issue. As it can help others.

8

Issue was with the CSR config template there was unnecessery spaces also remove spaces around =

9

Issue was with the CSR config file, there was spaces that i removed and also removed spaces around = and its working fine.