l-ra / openeet

EET Client library - open source implementation of client library for EET
Apache License 2.0
36 stars 19 forks source link

Invalid SOAP message signature #17

Closed janwiesemann closed 7 years ago

janwiesemann commented 7 years ago

We are trying to implement the .Net version. Currently just used in testing and we use the newest code from vlastikcocek (https://github.com/vlastikcocek/openeet/tree/master/dotnet) but we get the same result with older versions.

The used code is basically the one from the supplied example (https://github.com/vlastikcocek/openeet/blob/master/dotnet/tests/Program.cs) but this is our used code http://pastebin.com/yFtDs7FK

the created request looks like this http://pastebin.com/0rDArJ1F

and the response is http://pastebin.com/Tyaw5f61

the used values are http://pastebin.com/TLL0DR0U

jakubja commented 7 years ago

Hi, I had a similar problem with error 4 just this morning when I tried to use production certificate instead of playground one. I have found a solution - try to change EET URL from https://pg.eet.cz:443/eet/services/EETServiceSOAP/v3 to https://prod.eet.cz:443/eet/services/EETServiceSOAP/v3 I might add I am using different C# implementation, but I think this would help here as well.

l-ra commented 7 years ago

After analyzing data you sent here is the result. It seems you are using improper version of playground test certificate. See the announcement published on January the 4th (http://www.etrzby.cz/cs/oznameni-k-testovacimu-prostredi-playground). The request (http://pastebin.com/0rDArJ1F) is formally valid, but the certificate used to create signature is no longer supported.

I tested the current code in my repo https://github.com/l-ra/openeet-net (not the binary build) and it works well (contains the right certificate in resources).

Using the right certificate (http://www.etrzby.cz/assets/cs/prilohy/EET_CA1_Playground_v1.zip) should fix the problem.

l-ra commented 7 years ago

Can the issue be considered resolved when using the right certificate?

janwiesemann commented 7 years ago

We have testet it with a customer certificate and it works fine. So yes, it can be considered as resolved.

Thanks for your help.