bitpay / node-bitpay-client

A Node.js module and command line client for interacting with BitPay's Cryptographically Secure API

'Invalid signature' response when calling GET /tokens #96

Open jordan-burnett opened 5 years ago

jordan-burnett commented 5 years ago

I'm attempting to follow the installation instructions. I can generate a keypair and pair with the server correctly; however, when I attempt to make the first request using:

./node_modules/bitpay-rest/bin/bitpay.js request -T merchant -X post -R invoices -P '{"price": 1, "currency": "USD"}'

I receive:

Error: { error: 'Invalid signature' }

I get the same error when calling from the CLI, or when copying and pasting the code in the 'module' section of the readme.

Doing some debugging I can see that the error response is coming from calling GET: https://test.bitpay.com:443/tokens and the string being signed is simply: https://test.bitpay.com:443/tokens

I'm unsure how to debug this further. This is from a clean install, copying and pasting instructions from the readme.

pieterpoorthuis commented 5 years ago

Jordan,

Which version of OpenSSL are you using? You can find out by opening an SSL prompt and typing version

jordan-burnett commented 5 years ago

The version of OpenSSL on my mac shows as LibreSSL 2.2.7

pieterpoorthuis commented 5 years ago

We have seen the same issue with other people using LibreSSL, but not yet with OpenSSL. Is there any way you can switch to OpenSSL to test whether this is the culprit?

jordan-burnett commented 5 years ago

I've given it a go, but unfortunately still seem to be seeing the same error.

I've switched to OpenSSL so that the version is now showing as OpenSSL 1.0.2p 14 Aug 2018

Doing a clean install of the module, and regenerating and pairing keys still results in Error: { error: 'Invalid signature' }

danescsvn commented 5 years ago

Jordan, thank you for the feedback. Let us do some investigation and we'll get back with you.

lyudad commented 5 years ago

I have the same issue on localhost and on AWS.

tomzaoral commented 5 years ago

Any progress on this, please? I have the same issue :/ I’m unable to make it work.

pieterpoorthuis commented 5 years ago

We just pushed a new version of the client that fixes this issue. Please clone the latest version and let us know if you have any issues with it.

Under root directory run the following:

npm run setup
npm install

Thank you.

YaronBurshtein commented 5 years ago

You didn't publish on npm, so we can't pull the changes.

martindale commented 5 years ago

@pieterpoorthuis what happened? Invalid signatures can often be causes for serious concern — can we get a post-mortem?

pieterpoorthuis commented 5 years ago

The request library (v2.88.0 https://www.npmjs.com/package/request/v/2.88.0) caused the 'invalid signatures'. v2.87.0 works correctly.

There are tons of changes from v2.87 -> v2.88. We are still looking for the exact cause, but for now we decided to stick to the latest functioning request library (v2.87.0)

lyudad commented 5 years ago

I have the same problem on a Mac using OpenSSL. I have tried the new version of the library, same issue.

gabmontes commented 3 years ago

Started to experience this same issue. Bitpay's prod endpoint seems to work fine but test.bitpay.com returns "Invalid signature". Any clue or solution?

cc/ @thejoshualewis @pieterpoorthuis

ajapha commented 3 years ago

@gabmontes We were having the same issue. test.bitpay.com always returned "Invalid signature" but production worked fine.

It seems the issue was that port 443 was in the URL, which is added to the signature. Apparently the server is verifying the signature expecting the URL part to not have :443 in it. When it is removed, the request is successful.

I came up with a hack to remove :443 from _dataToSign but it's not ideal.
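
The mismatch described in the last comment, reproduced as an added example that is not part of the thread and is not node-bitpay-client code. It assumes the verifier rebuilds the URL without the default port; the key pair, the curve and the helper names (`stripDefaultPort`, `sign`, `verify`, `demo`) are constructed for illustration.

```javascript
// Added example: a default port in the signed URL breaks signature verification.
const crypto = require('crypto');

// Constructed demo key pair; the curve is an assumption for this sketch.
const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', {
  namedCurve: 'prime256v1',
});

const DEFAULT_PORTS = { 'https:': '443', 'http:': '80' };

// Drop ":443" from https URLs and ":80" from http URLs. Everything else is
// left byte-for-byte intact so no other part of the signed string changes.
function stripDefaultPort(rawUrl) {
  const m = /^(https?:)\/\/([^\/?#]*)(.*)$/i.exec(rawUrl);
  if (!m) return rawUrl; // not an http(s) URL: leave untouched
  const [, scheme, authority, rest] = m;
  const suffix = ':' + DEFAULT_PORTS[scheme.toLowerCase()];
  const host = authority.endsWith(suffix)
    ? authority.slice(0, -suffix.length)
    : authority;
  return scheme + '//' + host + rest;
}

// Client side: sign the exact string that will be sent as the signed data.
function sign(data) {
  return crypto.createSign('SHA256').update(data).sign(privateKey, 'hex');
}

// Verifier side: check the signature against the string it reconstructs.
function verify(data, signatureHex) {
  return crypto.createVerify('SHA256').update(data).verify(publicKey, signatureHex, 'hex');
}

// Constructed inputs: the string the client signed (from the first post) and
// the form the verifier is assumed to reconstruct (per the last comment).
const CLIENT_URL = 'https://test.bitpay.com:443/tokens';
const SERVER_URL = 'https://test.bitpay.com/tokens';

function demo() {
  return {
    signedAsSent: verify(SERVER_URL, sign(CLIENT_URL)),
    signedCanonical: verify(SERVER_URL, sign(stripDefaultPort(CLIENT_URL))),
  };
}

console.log(demo());
```

Non-default ports such as `:8443` are preserved, so the canonical form only changes where the two spellings name the same endpoint.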