Skip to Content
0
Former Member
Jul 31, 2009 at 05:03 PM

Digital Invoice Mexico: Import Production Certificates

705 Views

Hi,

I am trying to import certificate for Digital Invoice Mexico on our production system. I received the key and certificate from our Mexico Supply Chain Manager (filenames are 00001000000100782918TEXTILE.cer and him9409125m0_0907211449s.key).

After that, I followed note 1300880 and executed the following commands:

openssl pkcs8 -inform DER -in him9409125m0_0907211449s.key -passin pass:### -outform PEM -out CSD_01.key.pem -passout pass:###

openssl x509 -inform DER -in 00001000000100782918TEXTILE.cer -outform PEM -out CSD_01.cer.pem

I now have to add the ACx and ARCx root certificates. I downloaded files AC2-Sat.crt from http://www.banxico.org.mx/sistemasdepago/ies/iespub/ies_acs.html and exported that crt file as a .cer file. I that executed command openssl x509 -in AC2-Sat.cer -outform PEM -out AC2-Sat.cer.pem.

Now I have to chain my certificates, and from here, the note gets confusing.

I first tried the following:

copy CSD_01.key.pem+CSD_01.cer.pem CSD_01_chain.pem

openssl pkcs12 -in CSD_01_chain.pem -passin pass:### -export -out CSD_01.p12 -name SAT -passout pass:###

sapgenpse import_p12 -p CSD_01.pse -x ### -z ### CSD_01.p12

But this gave error:

ERROR: Incomplete certification path -- NEED certificate of "unstructuredName=Responsable: Fernando Martínez Coss, L=Cuauhtemoc, SP=Distrito Federal, C=MX, postalCode=06300, ST="Av. Hidalgo 77, Col. Guerrero", EMAIL=###, O=Servicio de Administración Tributaria, CN=A.C. del Servicio de Administración Tri"!

So I tried again, but now used the following command to create the CSD_01_chain.pem:

copy CSD_01.key.pemCSD_01.cer.pemAC2-Sat.cer.pem CSD_01_chain.pem

I than made a p12 file out of this CDS_01_chain.pem and importing this file now gives an other error:

ERROR: Incomplete certification path -- NEED certificate of "OU=Infraestructura Extendida de Seguridad, CN=Agencia Registradora Central, C=MX, O=Banco de Mexico"!

How do I get rid of this error? How do I need to create the CSD_01_chain.pem? Which files do I need for that?

Regards,

Kevin