What is a promise in Javascript?

Question

BeniGls

Asked: 2020-01-03 05:51:06 +0800 CST 2020-01-03 05:51:06 +0800 CST 2020-01-03 05:51:06 +0800 CST

Send SII model to Treasury using cURL

772

I am completely desperate. I tried some time ago to find an answer using vba, and I didn't get a solution.

I went back to the load trying to use cURL from the command line, but it doesn't work either. In this case, I am going to show you the entire process carried out with CURL, which, according to what I have been able to document, should work. But something escapes me, because I can't get the Treasury Web Service to receive my files

Export Certificate (.pfx)

In order to use the certificate, first of all you have to export it from my browser. To do this, you can do:

Chrome settings
- Manage certificates...
  - Export the private key
    - Personal Information Exchange: PKCS #12 (.PFX)
      - Include all certificates in the certification path (if possible)
      - Export all extended properties
    - Give it password: 12345
    - Name the file: Certificate.pfx

Once this is done, I get a certificate in .pfx format

Convert .pfx certificate to .pem (OpenSSL)

This format is not valid for cURL. Therefore, it must be transformed to .pem before. And for this, everywhere they talk about OpenSSL. I downloaded version 1.0.21 May 25, 2017 (accessed from the command line) I transform certificate:

--Importo certificado PEM (sin key)
C:\OpenSSL-Win64\bin\openssl.exe pkcs12 -in C:\VariasSII\Certificados\Certificado.pfx -out C:\VariasSII\Certificados\Certificado-CL.pem -clcerts -nokeys

--Importo KEY
C:\OpenSSL-Win64\bin\openssl.exe pkcs12 -in C:\VariasSII\Certificados\Certificado.pfx -out C:\VariasSII\Certificados\Certificado-KEY.pem -nocerts

--Importo CA (Esto en muchas partes no se usa. Lo tengo, y puedo ponerlo o no, aunque en cualquiera de los casos no me sirve para que funcione el envío
C:\OpenSSL-Win64\bin\openssl.exe pkcs12 -in C:\VariasSII\Certificados\Certificado.pfx -out C:\VariasSII\Certificados\Certificado-CA.pem -cacerts -nokeys

Send (using cURL)

Finally, with this instruction you should be able to send XML files to the Treasury:

curl --data C:\VariasSII\TEST.xml --output C:\VariasSII\respuesta.xml --cert C:\VariasSII\Certificados\Certificado-CL.pem --key C:\VariasSII\Certificados\Certificado-KEY.pem https://www7.aeat.es/wlpl/SSII-FACT/ws/fe/SiiFactFEV1SOAP

cURL Response

The response to this request is as follows:

<?xml version="1.0" encoding="UTF-8"?><env:Envelope 
xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Body><env:Fault>
<faultcode>env:Client</faultcode><faultstring>Codigo[1304].No se permite 
contenido en el prólogo. (1,1)</faultstring><detail><callstack>XML no válido o mal formado
WSExcepcion [faultcode=null, detailMap=null, version=0, faultstring=No se permite contenido en el prólogo. (1,1), faultactor=null, faultSubCode=null, reasonText=null, detail=null, nameSpaceUriDetail=null]
at es.aeat.adws.jdit.imp.ws.WSFilterSrvImpl.verificarFirma(WSFilterSrvImpl.java:810)
at es.aeat.adws.jdit.imp.ws.WSFilterSrvImpl.doFilter(WSFilterSrvImpl.java:246)
at es.aeat.adws.jdit.api.ws.WSFilter.doFilter(WSFilter.java:24)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:207)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
at es.aeat.adht.jdit.imp.infra.JDitFilterSrvImpl.filtroIni(JDitFilterSrvImpl.java:178)
at es.aeat.adht.jdit.imp.infra.JDitFilterSrvImpl.doFilter(JDitFilterSrvImpl.java:86)
at es.aeat.adht.jdit.imp.infra.JDitFilterSrvImpl.doFilter(JDitFilterSrvImpl.java:63)
at es.aeat.adht.jdit.api.filter.JDitFilter.doFilter(JDitFilter.java:24)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:207)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:91)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:1021)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:1143)
at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:82)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:934)
at com.ibm.ws.webcontainer.osgi.DynamicVirtualHost$2.run(DynamicVirtualHost.java:262)
at com.ibm.ws.http.dispatcher.internal.channel.HttpDispatcherLink$TaskWrapper.run(HttpDispatcherLink.java:958)
at com.ibm.ws.http.dispatcher.internal.channel.HttpDispatcherLink.wrapHandlerAndExecute(HttpDispatcherLink.java:357)
at com.ibm.ws.http.dispatcher.internal.channel.HttpDispatcherLink.ready(HttpDispatcherLink.java:317)
at com.ibm.ws.http.channel.internal.inbound.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:471)
at com.ibm.ws.http.channel.internal.inbound.HttpInboundLink.handleNewRequest(HttpInboundLink.java:405)
at com.ibm.ws.http.channel.internal.inbound.HttpInboundLink.processRequest(HttpInboundLink.java:285)
at com.ibm.ws.http.channel.internal.inbound.HttpInboundLink.ready(HttpInboundLink.java:256)
at com.ibm.ws.tcpchannel.internal.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:174)
at com.ibm.ws.tcpchannel.internal.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:83)
at com.ibm.ws.tcpchannel.internal.WorkQueueManager.requestComplete(WorkQueueManager.java:504)
at com.ibm.ws.tcpchannel.internal.WorkQueueManager.attemptIO(WorkQueueManager.java:574)
at com.ibm.ws.tcpchannel.internal.WorkQueueManager.workerRun(WorkQueueManager.java:929)
at com.ibm.ws.tcpchannel.internal.WorkQueueManager$Worker.run(WorkQueueManager.java:1018)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1153)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.lang.Thread.run(Thread.java:785)
Caused by: es.aeat.adws.jdit.api.xml.XmlExcepcion: No se permite contenido en el prólogo. (1,1)
at es.aeat.adws.jdit.imp.xml.DomUtilsImpl.isToDoc(DomUtilsImpl.java:85)
at es.aeat.adws.jdit.imp.xml.DomUtilsImpl.isToDoc(DomUtilsImpl.java:51)
at es.aeat.adws.jdit.imp.ws.WSFilterSrvImpl.verificarFirma(WSFilterSrvImpl.java:781)
... 31 more
Caused by: org.xml.sax.SAXParseException: No se permite contenido en el prólogo.
at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLScanner.reportFatalError(Unknown Source)
at org.apache.xerces.impl.XMLDocumentScannerImpl$PrologDispatcher.dispatch(Unknown Source)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
at javax.xml.parsers.DocumentBuilder.parse(Unknown Source)
at es.aeat.adws.jdit.imp.xml.DomUtilsImpl.isToDoc(DomUtilsImpl.java:81)
... 33 more

According to error, it might seem that the error is in the XML file, but I assure you that it is not. This file can be sent perfectly from the enabled environment of the tax agency without problems, and it can also be sent using an external application (SoapUI)

Last considerations

In some web page I saw that they exported the CA of the certificate to later use it in cURL (I previously added the instruction that would allow the CA to be extracted). However, in most of the consulted sites they do not use this CA.

At an informative level, using said CA generates the following warning:

curl.exe [...] --cacert C:\VariasSII\Certificados\Certificado-CA.pem

curl: (60) SSL certificate problem: self signed certificate in certificate chain

More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.

I am convinced that the problem is in the certificate. But taking into account that the certificate.pfx works fine (I have tested it with SoapUI, and I have exported it to another computer, being able to use that certificate on that computer without problems) ... I would be left to think that something is wrong when converting that . pfx in .pem when using OpenSSL? The steps in OpenSSL and cURL I found on the net, and have checked with all possible sources. It works fine for people. But I'm not moving on from here.

Hopefully someone can shed some light on this problem.

1 Answers

Voted

Alexandru Trandafir Catalin · Answer 1 · 2020-01-17T06:10:52+08:00

I modify the answer since it seems that the problem in your case was not with the certificate but with the cURL parameters.

How to make the call from cURL

curl --cert ./ALEXANDRU_CATALIN_bundle.pem --header "Content-Type: text/xml;charset=UTF-8" --header "SOAPAction: SuministroLRFacturasEmitidas" --data @datos_xml.txt -v https://www7.aeat.es/wlpl/SSII-FACT/ws/fe/SiiFactFEV1SOAP

Part by part:

--cert ./ALEXANDRU_CATALIN_bundle.pemset the certificate
--header "Content-Type: text/xml;charset=UTF-8"indicates type of content sent
--header "SOAPAction: SuministroLRFacturasEmitidas"indicates the webservice command we want to call
--data @datos_xml.txtspecifies the file with the data, IMPORTANT apparently the @one in front of the file path is a very important detail since it is what tells cURL that it should read from a file

Content datos_xml.txt:

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="https://www2.agenciatributaria.gob.es/static_files/common/internet/dep/aplicaciones/es/aeat/ssii/fact/ws/SuministroInformacion.xsd" xmlns:ns2="https://www2.agenciatributaria.gob.es/static_files/common/internet/dep/aplicaciones/es/aeat/ssii/fact/ws/SuministroLR.xsd">
  <SOAP-ENV:Body>
    <ns2:SuministroLRFacturasEmitidas>
      <ns1:Cabecera>
        <ns1:IDVersionSii>1.0</ns1:IDVersionSii>
        <ns1:Titular>
          <ns1:NombreRazon>ALEXANDRU CATALIN TRANDAFIR</ns1:NombreRazon>
          <ns1:NIF>X4378072E</ns1:NIF>
        </ns1:Titular>
        <ns1:TipoComunicacion>A0</ns1:TipoComunicacion>
      </ns1:Cabecera>
      <ns2:RegistroLRFacturasEmitidas>
        <ns1:PeriodoImpositivo>
          <ns1:Ejercicio>2017</ns1:Ejercicio>
          <ns1:Periodo>12</ns1:Periodo>
        </ns1:PeriodoImpositivo>
        <ns2:IDFactura>
          <ns1:IDEmisorFactura>
            <ns1:NIF>X4378072E</ns1:NIF>
          </ns1:IDEmisorFactura>
          <ns1:NumSerieFacturaEmisor>SIIDEMO/1</ns1:NumSerieFacturaEmisor>
          <ns1:FechaExpedicionFacturaEmisor>31-12-2017</ns1:FechaExpedicionFacturaEmisor>
        </ns2:IDFactura>
        <ns2:FacturaExpedida>
          <ns1:TipoFactura>F1</ns1:TipoFactura>
          <ns1:FechaOperacion>31-12-2017</ns1:FechaOperacion>
          <ns1:ClaveRegimenEspecialOTrascendencia>01</ns1:ClaveRegimenEspecialOTrascendencia>
          <ns1:ImporteTotal>1210</ns1:ImporteTotal>
          <ns1:DescripcionOperacion>Compra ordenador portátil</ns1:DescripcionOperacion>
          <ns1:Contraparte>
            <ns1:NombreRazon>HeavyDots SL</ns1:NombreRazon>
            <ns1:NIF>B66544586</ns1:NIF>
          </ns1:Contraparte>
          <ns1:TipoDesglose>
            <ns1:DesgloseFactura>
              <ns1:Sujeta>
                <ns1:NoExenta>
                  <ns1:TipoNoExenta>S1</ns1:TipoNoExenta>
                  <ns1:DesgloseIVA>
                    <ns1:DetalleIVA>
                      <ns1:TipoImpositivo>21</ns1:TipoImpositivo>
                      <ns1:BaseImponible>500</ns1:BaseImponible>
                      <ns1:CuotaRepercutida>105</ns1:CuotaRepercutida>
                    </ns1:DetalleIVA>
                    <ns1:DetalleIVA>
                      <ns1:TipoImpositivo>21</ns1:TipoImpositivo>
                      <ns1:BaseImponible>500</ns1:BaseImponible>
                      <ns1:CuotaRepercutida>105</ns1:CuotaRepercutida>
                    </ns1:DetalleIVA>
                  </ns1:DesgloseIVA>
                </ns1:NoExenta>
              </ns1:Sujeta>
            </ns1:DesgloseFactura>
          </ns1:TipoDesglose>
        </ns2:FacturaExpedida>
      </ns2:RegistroLRFacturasEmitidas>
      <ns2:RegistroLRFacturasEmitidas>
        <ns1:PeriodoImpositivo>
          <ns1:Ejercicio>2017</ns1:Ejercicio>
          <ns1:Periodo>12</ns1:Periodo>
        </ns1:PeriodoImpositivo>
        <ns2:IDFactura>
          <ns1:IDEmisorFactura>
            <ns1:NIF>X4378072E</ns1:NIF>
          </ns1:IDEmisorFactura>
          <ns1:NumSerieFacturaEmisor>SIIDEMO/2</ns1:NumSerieFacturaEmisor>
          <ns1:FechaExpedicionFacturaEmisor>31-12-2017</ns1:FechaExpedicionFacturaEmisor>
        </ns2:IDFactura>
        <ns2:FacturaExpedida>
          <ns1:TipoFactura>F1</ns1:TipoFactura>
          <ns1:FechaOperacion>31-12-2017</ns1:FechaOperacion>
          <ns1:ClaveRegimenEspecialOTrascendencia>01</ns1:ClaveRegimenEspecialOTrascendencia>
          <ns1:ImporteTotal>1210</ns1:ImporteTotal>
          <ns1:DescripcionOperacion>Compra ordenador portátil</ns1:DescripcionOperacion>
          <ns1:Contraparte>
            <ns1:NombreRazon>HeavyDots SL</ns1:NombreRazon>
            <ns1:NIF>B66544586</ns1:NIF>
          </ns1:Contraparte>
          <ns1:TipoDesglose>
            <ns1:DesgloseFactura>
              <ns1:Sujeta>
                <ns1:NoExenta>
                  <ns1:TipoNoExenta>S1</ns1:TipoNoExenta>
                  <ns1:DesgloseIVA>
                    <ns1:DetalleIVA>
                      <ns1:TipoImpositivo>21</ns1:TipoImpositivo>
                      <ns1:BaseImponible>500</ns1:BaseImponible>
                      <ns1:CuotaRepercutida>105</ns1:CuotaRepercutida>
                    </ns1:DetalleIVA>
                    <ns1:DetalleIVA>
                      <ns1:TipoImpositivo>21</ns1:TipoImpositivo>
                      <ns1:BaseImponible>500</ns1:BaseImponible>
                      <ns1:CuotaRepercutida>105</ns1:CuotaRepercutida>
                    </ns1:DetalleIVA>
                  </ns1:DesgloseIVA>
                </ns1:NoExenta>
              </ns1:Sujeta>
            </ns1:DesgloseFactura>
          </ns1:TipoDesglose>
        </ns2:FacturaExpedida>
      </ns2:RegistroLRFacturasEmitidas>
    </ns2:SuministroLRFacturasEmitidas>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Response:

*   Trying 195.76.38.173...
* Connected to www7.aeat.es (195.76.38.173) port 443 (#0)
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: C:\xampp\apache\bin\curl-ca-bundle.crt
  CApath: none
* TLSv1.2 (OUT), TLS Unknown, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS handshake, CERT verify (15):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES256-SHA256
* Server certificate:
*        subject: description=CAM-SSL-SW; L=MADRID; ST=MADRID; serialNumber=Q2826000H; OU=INFORMATICA TRIBUTARIA; O=AGENCIA ESTATAL DE ADMINISTRACIÓN TRIBUTARIA; CN=*.aeat.es; C=ES
*        start date: Nov  5 07:12:54 2015 GMT
*        expire date: Nov  4 07:12:54 2018 GMT
*        subjectAltName: www7.aeat.es matched
*        issuer: C=ES; OU=AC CAMERFIRMA; O=AC Camerfirma S.A.; serialNumber=A82743287; L=Madrid (see current address at https://www.camerfirma.com/address); CN=Camerfirma Corporate Server II - 2015
*        SSL certificate verify ok.
> POST /wlpl/SSII-FACT/ws/fe/SiiFactFEV1SOAP HTTP/1.1
> Host: www7.aeat.es
> User-Agent: curl/7.47.1
> Accept: */*
> Content-Type: text/xml;charset=UTF-8
> SOAPAction: SuministroLRFacturasEmitidas
> Content-Length: 4824
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
* We are completely uploaded and fine
< HTTP/1.1 200 OK
< Date: Thu, 18 Jan 2018 00:49:53 GMT
< X-Powered-By: Servlet/3.1
< DIT-Servidor: WLP00401
< X-UA-Compatible: IE=7
< DIT-Tarea: 17577
< DIT-Codigo-Respuesta: 0
< DIT-NIU: 8093634366
< Content-Length: 1838
< Set-Cookie: JSESSIONID=s1~0001dmDLVUkaddMP4RFOx4oMUB4:wlp004_wlp001; Path=/wlpl/; Secure; HttpOnly
< Set-Cookie: aeat_id_usr_sede=%7B%22tipoAcceso%22%3A%22C%22%2C%22fechaYHora%22%3A%2220180118004953432%22%2C%22nombre%22%3A%22TRANDAFIR%20ALEXANDRU%20CATALIN%22%7D; Path=/; Domain=.agenciatributaria.gob.aeat; Secure
< Expires: Thu, 01 Dec 1994 16:00:00 GMT
< Cache-Control: no-cache="set-cookie, set-cookie2"
< Content-Type: text/xml;charset=UTF-8
<
<?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body Id="Body"><siiR:RespuestaLRFacturasEmitidas xmlns:siiR="https://www2.agenciatributaria.gob.es/static_files/common/internet/dep/aplicaciones/es/aeat/ssii/fact/ws/RespuestaSuministro.xsd" xmlns:sii="https://www2.agenciatributaria.gob.es/static_files/common/internet/dep/aplicaciones/es/aeat/ssii/fact/ws/SuministroInformacion.xsd"><siiR:Cabecera><sii:IDVersionSii>1.0</sii:IDVersionSii><sii:Titular><sii:NombreRazon>ALEXANDRU CATALIN TRANDAFIR</sii:NombreRazon><sii:NIF>X4378072E</sii:NIF></sii:Titular><sii:TipoComunicacion>A0</sii:TipoComunicacion></siiR:Cabecera><siiR:EstadoEnvio>Incorrecto</siiR:EstadoEnvio><siiR:RespuestaLinea><siiR:IDFactura><sii:IDEmisorFactura><sii:NIF>X4378072E</sii:NIF></sii:IDEmisorFactura><sii:NumSerieFacturaEmisor>SIIDEMO/1</sii:NumSerieFacturaEmisor><sii:FechaExpedicionFacturaEmisor>31-12-2017</sii:FechaExpedicionFacturaEmisor></siiR:IDFactura><siiR:EstadoRegistro>Incorrecto</siiR:EstadoRegistro><siiR:CodigoErrorRegistro>3000</siiR:CodigoErrorRegistro><siiR:DescripcionErrorRegistro>Factura duplicada</siiR:DescripcionErrorRegistro><siiR:CSV>QSAYUMZV8NM3REGD</siiR:CSV></siiR:RespuestaLinea><siiR:RespuestaLinea><siiR:IDFactura><sii:IDEmisorFactura><sii:NIF>X4378072E</sii:NIF></sii:IDEmisorFactura><sii:NumSerieFacturaEmisor>SIIDEMO/2</sii:NumSerieFacturaEmisor><sii:FechaExpedicionFacturaEmisor>31-12-2017</sii:FechaExpedicionFacturaEmisor></siiR:IDFactura><siiR:EstadoRegistro>Incorrecto</siiR:EstadoRegistro><siiR:CodigoErrorRegistro>3000</siiR:CodigoErrorRegistro><siiR:DescripcionErrorRegistro>Factura duplicada</siiR:DescripcionErrorRegistro><siiR:CSV>QSAYUMZV8NM3REGD</siiR:CSV></siiR:RespuestaLinea></siiR:RespuestaLRFacturasEmitidas>
</env:Body></env:Envelope>* Connection #0 to host www7.aeat.es left intact

How to get valid PEM bundle certificate

I tell you the steps to obtain a valid certificate, but first two notes:

In my case I am preparing it to use it with the PHP SoapClient which also needs the PEM format
In my case I use the original .PFX file that my manager sent me, that is, it was not imported/exported to/from the browser, although I understand that with your exported file it should also work as long as it is a valid PFX/P12

Here we go..

These are the commands to execute with openssl:

openssl pkcs12 -in archivo.pfx -clcerts -nokeys -out archivo_mycert.pem -password pass:"contraseña"
openssl pkcs12 -in archivo.pfx -nocerts -nodes -out archivo_mykey.pem -password pass:"contraseña"

With these commands you extract the certificate on the one hand and the private key on the other, examples:

Content archivo_mycert.pem:

Bag Attributes
    localKeyID: 01 00 00 00 
    1.3.6.1.4.1.311.17.3.92: 00 08 00 00 
    1.3.6.1.4.1.311.17.3.20: 2A 87 AA 0D B3 2B B8 0B 9F 63 51 6D 29 18 27 68 67 9C 50 F2 
    1.3.6.1.4.1.311.17.3.71: 47 00 45 00 53 00 54 00 49 00 4F 00 2D 00 50 00 43 00 00 00 
    1.3.6.1.4.1.311.17.3.75: 34 00 46 00 46 00 33 00 32 00 31 00 42 00 35 00 42 00 46 00 31 00 39 00 39 00 37 00 38 00 46 00 43 00 46 00 31 00 31 00 33 00 37 00 44 00 41 00 35 00 45 00 39 00 32 00 42 00 34 00 46 00 39 00 5F 00 00 00 
...
-----BEGIN CERTIFICATE-----
MIIGmjCCBYKgAwIBAgIQFciYgGKGJNVYbjZryy+gCDANBgkqhkiG9w0BAQsFADBL
...
xdl/6mx4Kb3K/7JElDg=
-----END CERTIFICATE-----

Content archivo_mykey.pem:

Bag Attributes
    localKeyID: 01 00 00 00 
    friendlyName: le-d65c3786-5ca1-4b92-a149-82acdd8fd1f3
    Microsoft CSP Name: Microsoft Strong Cryptographic Provider
Key Attributes
    X509v3 Key Usage: 80 
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCZBqn8nYbmOLjR
...
Z2orfXHJGDmzf7eGfC4r0g4=
-----END PRIVATE KEY-----

Next, what you must do is create a third file that we will call it archivo_bundle.pemand where within this file we paste the contents of the certificate and the key, leaving something like this:

-----BEGIN CERTIFICATE-----
MIIGmjCCBYKgAwIBAgIQFciYgGKGJNVYbjZryy+gCDANBgkqhkiG9w0BAQsFADBL
...
xdl/6mx4Kb3K/7JElDg=
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCZBqn8nYbmOLjR
...
Z2orfXHJGDmzf7eGfC4r0g4=
-----END PRIVATE KEY-----

Done, now you will use the file archivo_bundle.pemas a parameter in your cURL or SoapClient call.

Finally, let me tell you that at http://www.aeatsiidesarrolladores.es/ I have written a technical ebook on the implementation of the SII. It contains examples of code in PHP and a mini application that has the entire communication circuit with the SII, which only needs to be uploaded to a server and leave a certificate in PFX format and it is already operational. You might be interested in taking a look! Luck! :-)

Send SII model to Treasury using cURL

Export Certificate (.pfx)

Convert .pfx certificate to .pem (OpenSSL)

Send (using cURL)

cURL Response

Last considerations

How to make the call from cURL

How to get valid PEM bundle certificate

HTML button that sends you to another page

Why do I get the error "Call to undefined function mysql_connect()"?

How to create an HTML button that works as a link?

How to separate a String in Java. How to use split()

Filter by dates in sql server

How to limit the number of decimal places in a double?

For each in JavaScript?

Position footer ALWAYS glued to the footer

Definitive Guide to Type Conversion in Java

How to properly compare Strings (and objects) in Java?