Performing a Compliance Check
After obtaining a Compliance Binary Security Token, ZATCA requires that you complete a compliance check by submitting sample invoices. This step is a prerequisite to requesting production credentials.
To perform a compliance check:
-
Open the Saudi Arabia E-Invoicing Configuration record.
-
Copy the Compliance Binary Security Token and paste it into a text file named digCert.txt.
-
Run the following command to extract a Certificate Issuer Name.
openssl x509 -in digCert.txt -noout -issuer
-
Copy the output following "issuer=" into the Compliance Issuer Name field in the Saudi Arabia E-Invoicing Configuration record.
-
Run the following command to extract a Certificate Serial Number.
openssl x509 -in digCert.txt -noout -serial
-
Copy the serial number following "serial=" into the Compliance Serial Number field in the Saudi Arabia E-Invoicing Configuration record.
-
Run the following command to extract the Certificate Public Key.
openssl x509 -in digCert.txt -noout -pubkey
Example output:
-----BEGIN PUBLIC KEY-----
Alphanumeric characters
-----END PUBLIC KEY-----
-
Copy the entire output into the Compliance Public Key field in the Saudi Arabia E-Invoicing Configuration record.
-
Run the following command to extract the ECDSA signature of the Compliance Binary Security Token.
openssl x509 -text -in digCert.txt -noout
-
Copy the ECDSA signature, which includes the alphanumeric characters following "Signature Algorithm: ecdsa-with-SHA256," into the Compliance Binary Security Token field.
-
Click Save.
-
Click Next.
Continue the setup by obtaining production credentials.