X509Certificate (CCSID / PCSID) used for signing is not valid certificate (CCSID / PCSID)

General
1

We’re facing this error during the onboarding of new devices, this issue started happening after the release of the latest SDK:

We’ve updated the SDK to version SDK Version 3.4.4

We get the certificate using this endpoint: POST/compliance and it works fine
We start sending the latest samples to POST/compliance/invoices and the issue happens as follows:

Standard_Invoice.xml Pass
Standard_Credit_Note.xml Pass
Standard_Debit_Note.xml Pass

Simplified_Invoice.xml Error
Simplified_Credit_Note.xml Error
Simplified_Debit_Note.xml Error

Error Message:

{
    "status_code": 500,
    "error_message": "Error, PostComplianceInvoicesAPI : General Error : {\"validationResults\":{\"infoMessages\":[{\"type\":\"INFO\",\"code\":\"XSD_ZATCA_VALID\",\"category\":\"XSD validation\",\"message\":\"Complied with UBL 2.1 standards in line with ZATCA specifications\",\"status\":\"PASS\"}],\"warningMessages\":[{\"type\":\"WARNING\",\"code\":\"invalid-signing-certificate\",\"category\":\"CERTIFICATE_ERRORS\",\"message\":\"X509Certificate (CCSID / PCSID) used for signing is not valid certificate (CCSID / PCSID) for this VAT Registration Number.\",\"status\":\"WARNING\"}],\"errorMessages\":[],\"status\":\"WARNING\"},\"reportingStatus\":\"REPORTED\",\"clearanceStatus\":null,\"qrSellertStatus\":null,\"qrBuyertStatus\":null}"
}

Any idea what is the issue? and how can we fix it?

2

Dear @mohamedshamoon

Thanks for reaching out,

To provide comprehensive support as usual, Can you please share the exact HTTP response from ZATCA?

Thanks,
Ibrahem Daoud.

3

“status_code”: 202

{
  "validationResults": {
    "infoMessages": [
      {
        "type": "INFO",
        "code": "XSD_ZATCA_VALID",
        "category": "XSD validation",
        "message": "Complied with UBL 2.1 standards in line with ZATCA specifications",
        "status": "PASS"
      }
    ],
    "warningMessages": [
      {
        "type": "WARNING",
        "code": "invalid-signing-certificate",
        "category": "CERTIFICATE_ERRORS",
        "message": "X509Certificate (CCSID / PCSID) used for signing is not valid certificate (CCSID / PCSID) for this VAT Registration Number.",
        "status": "WARNING"
      }
    ],
    "errorMessages": [],
    "status": "WARNING"
  },
  "reportingStatus": "REPORTED",
  "clearanceStatus": null,
  "qrSellertStatus": null,
  "qrBuyertStatus": null
}
4

Dear @mohamedshamoon

Thanks for your collaboration, can I kindly ask you to check and confirm if you are signing the B2C invoices with the CCSID Decoded based64 “Binary Security Token” that you received from the compliance?

Thanks,
Ibrahem Daoud.

5

Yes, we sign them with the CSID we received from https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance

I have sent the 6 XMLs to sp_support@zatca.gov.sa for you to check.

they are all having the same certificate.

6

Dear @mohamedshamoon

Thanks for your collaboration in raising this, please note that it’s a known issue, currently our team working on it, However, you can complete the onboarding process and receive your PCSID successfully.

Appreciate your understanding.
Thanks,
Ibrahem Daoud.

1 Like
7

Dear @idaoud @mohamedshamoon

‘warningMessages’: [{‘type’: ‘WARNING’, ‘code’: ‘invalid-signing-certificate’, ‘category’: ‘CERTIFICATE_ERRORS’, ‘message’: ‘X509Certificate (CCSID / PCSID) used for signing is not valid certificate (CCSID / PCSID) for this VAT Registration Number.’, ‘status’: ‘WARNING’}]

Any update on the mentioned Issue we are also currently facing this same problem now .
and is it ok to onboard the device and Report Simplified Invoices with this existing warning messages ?