ConektaEvent.private_signature

[eibz91]

Hi, i have some troubles with this part of the code

private_key = OpenSSL::PKey::RSA.new(ConektaEvent.private_signature)
sha256_message = private_key.private_decrypt(Base64.decode64(digest))
if sha256_message != Digest::SHA256.hexdigest(request.raw_post)
logger.error "Conekta Error => Unauthenticated Event"
head :unauthorized

Where did you get this ConektaEvent.private_signature ???

You said

"First need to retrieve your endpoint’s secret in your Conekta Dashboard so Conekta start to sign each webhook sent to the endpoint."

CONEKTA_PRIVATE_SIGNATURE environment variable
ConektaEvent.private_signature = ENV['CONEKTA_PRIVATE_SIGNATURE']

did you mean this secret from conekta iE = key_7o4saiXXXXAp31prChdXXX ?

As i get. ConektaEvent.private_signature should be some kind of pem string something like
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxnBvS8cdsnAev2sRDRYWxznm1
QxZzaypfNXLvQ3EXT0NJXXFXAskY45vEpbc
5qFgEhcPy3BMqHRibwIDAQAB
-----END PUBLIC KEY-----

.

[JNajera]

You should place your public key certificate on ConektaEvent.private_signature variable as example:

"-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEAzAXNWsfRDsFv2P0+SRWOK5QtAg/INg5ptQ51sVMEv5BVkb8A\nH6WmQsZ5jRQcol0jXYhQ06CbztBq4MI5NRPTXovyzC8xpn8CsJUNJxpl2/0hLXO0\nAQxfuheihEMMOfJCzkPpgKmIAUZnJJzDYkZ2Mr89XfpQiFRVXeKT3TndDV10yoRx\n\nDvxKsYz9sBwBu10sdlbPZ9yZ+Wgl6xyZmxOywOLFqUlVHqriGwT+Dg==\n-----END RSA PRIVATE KEY-----"

Note that you need to concat your key with "\n" in other to work.