Hi,
I’m encountering failure response when validating a simplified invoice via the ZATCA .NET SDK. Below is the console output:
Validate XSD [Success]
Validate EN Schematrons [Success]
Validate KSA Schematrons [Success]
Validate QR Code [Failed]
**** [Error] CODE: hashedXml
MESSAGE: hashedXml does not match QR‑code hashedXml or hashedXml is missing
Validate EInvoice Signature [Failed]
**** [Error] CODE: invoiceSignedDataDigestValue – wrong invoice hashing.
**** [Error] CODE: signatureValue – wrong signature value.
Validate EInvoice PIH [Success]
Overall status [Failed]
What I’ve Done so Far
-
CSR → Certificate
- Generated a CSR with the SDK CLI.
- Posted CSR to the Compliance CSID API and received a
binarySecurityToken. - Base64‑decoded the token and saved it as
cert.pem.
-
Signing the Invoice
Command used:fatooraNet sign ^ -invoice 6064-3111-unsigned.xml ^ -certificate F:\fatoora\developer-portal\cert.pem ^ -privateKey F:\fatoora\generated-private-key-20250711163807.keyThis ran without errors and produced
6064-3111-signedinvoice.xml. -
Validation
fatooraNet validate ^ -invoice 6064-3111-signedinvoice.xml ^ -certificate F:\fatoora\developer-portal\cert.pem ^ -pih <SDK>\Data\PIH\pih1.txtThe result is the QR / hashing error shown above.
-
Developer Portal API Check
The same (signed) invoice fails when I use “GenerateRequest” command with:{ "type": "ERROR", "code": "invalid-invoice-hash", "category": "INVOICE_HASHING_ERRORS", "message": "The invoice hash API body does not match the (calculated) Hash of the XML" }
Is there an additional step required to embed or re‑calculate the invoice hash and QR code after signing? BTW, as per my understanding “SignDocument” will generate invoice hash, QR code and signature.
Any guidance or examples would be greatly appreciated.
Thank you in advance.