ConektaEvent.private_signature
Closed this issue · 1 comments
Hi, i have some troubles with this part of the code
private_key = OpenSSL::PKey::RSA.new(ConektaEvent.private_signature)
sha256_message = private_key.private_decrypt(Base64.decode64(digest))
if sha256_message != Digest::SHA256.hexdigest(request.raw_post)
logger.error "Conekta Error => Unauthenticated Event"
head :unauthorized
Where did you get this ConektaEvent.private_signature ???
You said
"First need to retrieve your endpoint’s secret in your Conekta Dashboard so Conekta start to sign each webhook sent to the endpoint."
CONEKTA_PRIVATE_SIGNATURE environment variable
ConektaEvent.private_signature = ENV['CONEKTA_PRIVATE_SIGNATURE']
did you mean this secret from conekta iE = key_7o4saiXXXXAp31prChdXXX ?
As i get. ConektaEvent.private_signature should be some kind of pem string something like
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxnBvS8cdsnAev2sRDRYWxznm1
QxZzaypfNXLvQ3EXT0NJXXFXAskY45vEpbc
5qFgEhcPy3BMqHRibwIDAQAB
-----END PUBLIC KEY-----
.
You should place your public key certificate on ConektaEvent.private_signature variable as example:
"-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEAzAXNWsfRDsFv2P0+SRWOK5QtAg/INg5ptQ51sVMEv5BVkb8A\nH6WmQsZ5jRQcol0jXYhQ06CbztBq4MI5NRPTXovyzC8xpn8CsJUNJxpl2/0hLXO0\nAQxfuheihEMMOfJCzkPpgKmIAUZnJJzDYkZ2Mr89XfpQiFRVXeKT3TndDV10yoRx\n\nDvxKsYz9sBwBu10sdlbPZ9yZ+Wgl6xyZmxOywOLFqUlVHqriGwT+Dg==\n-----END RSA PRIVATE KEY-----"
Note that you need to concat your key with "\n" in other to work.