wrong signature Value - Githubissues

MTAS101 commented 2 weeks ago

Hello dear

I have a problem signing the certificate

Errors signature validation errors : CODE : signatureValue, MESSAGE : wrong signature Value validation_errors

Despite trying more than once to re-sign with the Zakat Authority, the same problem

Thank you

mhaggag commented 2 weeks ago

Hello,

Can you share the following information:

App versions (from Help -> About or bench version)
Frappe cloud or self-hosted
Which Fatoora Server URL is configured in the ZATCA Business Settings Integration tab
Whether ZATCA CLI was setup automatically or manually
A screenshot of the Sales Invoice Additional Fields Validation tab for your failed/rejected invoice

The most common source of signing problems in my experience is running the ZATCA CLI on a Java version later than 11. In that case, the SDK fails to sign the invoice silently if I recall correctly.

MTAS101 commented 2 weeks ago

thanks Thank you for the quick response.

Requirements App versions (from Help -> About or bench version

See attachments No 1

frappe cloud or self-hosted

self-hosted Which Fatoora Server URL is configured in the ZATCA Business Settings Integration tab
https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal Whether ZATCA CLI was setup automatically or manually
automatically A screenshot of the Sales Invoice Additional Fields Validation tab for your failed/rejected invoice
- See Attachments No. 2

mhaggag commented 2 weeks ago

Thanks. Can you share the XML of the generated Sales Invoice Additional Fields? Please omit/replace any sensitive data in it if any (real VAT, addresses, contact information, etc.)

MTAS101 commented 2 weeks ago

Thanks. Can you share the XML of the generated Sales Invoice Additional Fields? Please omit/replace any sensitive data in it if any (real VAT, addresses, contact information, etc.)

ACC-SINV-2024-00006-AdditionalFields-8.zip

mhaggag commented 2 weeks ago

The signature is not missing like I suspected. The certificate public key is fine.

Can you look into logs/zatca.log and see if you can spot the signing command for this invoice (or any invoice if they're all failing signature validation) ? It should look like this:

2024-06-05 13:40:43,798 INFO zatca Running: ['/home/muhammad/erp-einvoice-test/sites/zatca/zatca-cli/bin/zatca-cli', 'sign', '-b', '/home/muhammad/erp-einvoice-test/sites/zatca/zatca-cli', '-o', '/tmp/tmpll_9q82w-signed_invoice.xml', '-c', '399999999900003.pem', '-k', 'sandbox_private_key.pem', '/tmp/tmpd8rlnwtu-invoice.xml']

You can take the above and run it manually from the sites directory to observe if there were any warnings/errors reported that were not caught by the app. You can convert the list into a command by concatenating the items, stripping out the command and the quotes. For the log line above, it'd look like this:

export JAVA_HOME="{insert path to jre 11 from zatca business settings}"
cd /home/muhammad/erp-einvoice-test/sites/
/home/muhammad/erp-einvoice-test/sites/zatca/zatca-cli/bin/zatca-cli  sign  -b /home/muhammad/erp-einvoice-test/sites/zatca/zatca-cli -o /tmp/tmpll_9q82w-signed_invoice.xml -c 399999999900003.pem -k sandbox_private_key.pem /tmp/tmpd8rlnwtu-invoice.xml

(Note that the values for you will be different for all paths)

MTAS101 commented 2 weeks ago

The signature is not missing like I suspected. The certificate public key is fine.

Can you look into logs/zatca.log and see if you can spot the signing command for this invoice (or any invoice if they're all failing signature validation) ? It should look like this:
2024-06-05 13:40:43,798 INFO zatca Running: ['/home/muhammad/erp-einvoice-test/sites/zatca/zatca-cli/bin/zatca-cli', 'sign', '-b', '/home/muhammad/erp-einvoice-test/sites/zatca/zatca-cli', '-o', '/tmp/tmpll_9q82w-signed_invoice.xml', '-c', '399999999900003.pem', '-k', 'sandbox_private_key.pem', '/tmp/tmpd8rlnwtu-invoice.xml']
You can take the above and run it manually from the sites directory to observe if there were any warnings/errors reported that were not caught by the app. You can convert the list into a command by concatenating the items, stripping out the command and the quotes. For the log line above, it'd look like this:
export JAVA_HOME="{insert path to jre 11 from zatca business settings}"
cd /home/muhammad/erp-einvoice-test/sites/
/home/muhammad/erp-einvoice-test/sites/zatca/zatca-cli/bin/zatca-cli  sign  -b /home/muhammad/erp-einvoice-test/sites/zatca/zatca-cli -o /tmp/tmpll_9q82w-signed_invoice.xml -c 399999999900003.pem -k sandbox_private_key.pem /tmp/tmpd8rlnwtu-invoice.xml
(Note that the values for you will be different for all paths)

I did a lot but I couldn't solve the problem. Can you help me a little bit closer by entering the system and looking more closely? :)

Ahmed-M-Fawzy commented 2 weeks ago

Hi @MTAS101 ,

Thanks for letting us know about your issue!

This application is open-source, so our fantastic LavaLoon team or the community is often a great resource for troubleshooting. To get the best assistance, providing more details about the problem can be helpful.

If you'd prefer premium support from our experts, you can reach us directly at Info@lavaloon.com. We offer a variety of support packages to fit your needs.

lavaloon-eg / ksa_compliance

wrong signature Value #97