0
I am trying to send an NFS-e (XML, RPS batch) through the Curitiba webservice, but the connection with Curl always returns error 403 (without permission). I have linked the certificate in the City Hall System (ISS). Follow the settings below:
Curl settings
curl_setopt($ch, CURLOPT_URL, $endpoint);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSLCERT, "{$path}_cert.pem");
curl_setopt($ch, CURLOPT_SSLKEY, "{$path}_priKEY.pem");
curl_setopt($ch, CURLOPT_KEYPASSWD, '******'); // senha do certificado
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
Headers
$headers = [
'POST /Iss.NfseWebService/nfsews.asmx HTTP/1.1',
'Host: isscuritiba.curitiba.pr.gov.br',
'Content-Type: text/xml; charset=utf-8',
'Content-Length: ' . strlen($xml),
'SOAPAction: http://www.e-governeapps2.com.br/RecepcionarLoteRps'
];
XML Uploaded (with test data)
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soap:Body>
<RecepcionarLoteRps xmlns="http://www.e-governeapps2.com.br/">
<EnviarLoteRpsEnvio>
<LoteRps>
<NumeroLote>1</NumeroLote>
<Cnpj>00000000000000</Cnpj>
<InscricaoMunicipal/>
<QuantidadeRps>1</QuantidadeRps>
<ListaRps>
<Rps>
<InfRps>
<IdentificacaoRps>
<Numero>1</Numero>
<Serie>A</Serie>
<Tipo>1</Tipo>
</IdentificacaoRps>
<DataEmissao>2018-08-30 04:11:00T00:00:00</DataEmissao>
<NaturezaOperacao>1</NaturezaOperacao>
<RegimeEspecialTributacao>2</RegimeEspecialTributacao>
<OptanteSimplesNacional>1</OptanteSimplesNacional>
<IncentivadorCultural>2</IncentivadorCultural>
<Status>1</Status>
<Servico>
<Valores>
<ValorServicos>1.00</ValorServicos>
<ValorDeducoes>0</ValorDeducoes>
<ValorPis>0</ValorPis>
<ValorCofins>0</ValorCofins>
<ValorInss>0</ValorInss>
<ValorIr>0</ValorIr>
<ValorCsll>0</ValorCsll>
<IssRetido>2</IssRetido>
<ValorIss>0</ValorIss>
<ValorIssRetido>0</ValorIssRetido>
<OutrasRetencoes>0</OutrasRetencoes>
<BaseCalculo>1.00</BaseCalculo>
<Aliquota>0</Aliquota>
<ValorLiquidoNfse>1.00</ValorLiquidoNfse>
<DescontoIncondicionado>0</DescontoIncondicionado>
<DescontoCondicionado>0</DescontoCondicionado>
</Valores>
<ItemListaServico>701</ItemListaServico>
<CodigoCnae>0</CodigoCnae>
<Discriminacao>Auditoria Ambiental</Discriminacao>
<CodigoMunicipio>0000000</CodigoMunicipio>
</Servico>
<Prestador>
<Cnpj>00000000000000</Cnpj>
<InscricaoMunicipal/>
</Prestador>
<Tomador>
<IdentificacaoTomador>
<CpfCnpj>
<Cnpj>00000000000000</Cnpj>
</CpfCnpj>
</IdentificacaoTomador>
<RazaoSocial>EMPRESA TESTE LTDA</RazaoSocial>
<Endereco>
<Endereco>TESTE</Endereco>
<Numero>00</Numero>
<Complemento/>
<Bairro>TESTE</Bairro>
<CodigoMunicipio>0000000</CodigoMunicipio>
<Uf>PR</Uf>
<Cep>00000000</Cep>
</Endereco>
<Contato>
<Telefone>11111111111</Telefone>
<Email>[email protected]</Email>
</Contato>
</Tomador>
</InfRps>
</Rps>
</ListaRps>
</LoteRps>
<Signature Id="NfsSignature">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI="http://www.w3.org/TR/2000/REC-xhtml1-20000126/">
<Transforms>
<Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/></Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>Y2ZhNTExODY1OGRlOGU0MDI5NzU5MzZhMTVlMDVlYThhZTc5ZjcwYTA4NzQxYjIxMjQ0NTY3ZWE4YWVlNTIyOQ==</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>gJqmDLOaY4YdNEELf2c+hkrxcbz3x2og69YgiqtGR9zt0B+CzRodYoXB5euTB014sgHoCJejaBKwBaBq6BuLBmxUm02F4Lt8ApxQQF+e7561AcAV00YVb6nfILz4dzX32H8CjTYqK0cKONjYzAdNJinCpxybMEeS/6nkKS7vRmXgN18g7t1HUHvgWpirlYJ7mGeigFgYeUmd0JEmaycWyMtOzDhWq8KYeSFfP3Y/HlHQpMX6zh7tRw2oVlRCJQnRazedzLNY74gcZjd8fX5YrqERK6ExhhALJH8BGVg5uwhHC8llvO5EPnRSHTXkcqrBZihF/1LKbTvqQgjTCIiQPQ==</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIIHwDCCBaigAwIBAgIQKPorJVJCMiKfm+A1xBpgjTANBgkqhkiG9w0BAQsFADBxMQswCQYDVQQGEwJCUjETMBEGA1UEChMKSUNQLUJyYXNpbDE2MDQGA1UECxMtU2VjcmV0YXJpYSBkYSBSZWNlaXRhIEZlZGVyYWwgZG8gQnJhc2lsIC0gUkZCMRUwEwYDVQQDEwxBQyBCUiBSRkIgRzQwHhcNMTgwNjI2MTc1ODU0WhcNMTkwNjI2MTc1ODU0WjCB7DELMAkGA1UEBhMCQlIxEzARBgNVBAoMCklDUC1CcmFzaWwxCzAJBgNVBAgMAlBSMREwDwYDVQQHDAhDdXJpdGliYTE2MDQGA1UECwwtU2VjcmV0YXJpYSBkYSBSZWNlaXRhIEZlZGVyYWwgZG8gQnJhc2lsIC0gUkZCMRYwFAYDVQQLDA1SRkIgZS1DTlBKIEExMSQwIgYDVQQLDBtBdXRlbnRpY2FkbyBwb3IgQVIgQ0VSVFBMVVMxMjAwBgNVBAMMKUdFT1BBUkFOQSBDT05TVUxUT1JJQSBMVERBOjA0NDI2Nzg4MDAwMTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0h3OZuHK+dwDj1dfLbhg355CNWWVD/mK0dJtN+aorRHOfA0Cb09CQ4AIXox/9aiD0P2IOxFNuvKCpFFR9fVNdJlbK+aBJwpjsChAN+zJRdajutvM+3xmWNOWZ8CX7Lhz19SB4LB7L9Q5Lf14UP24IguUA3WA4EawLVdrSIZgGJiRd6GDYr9WLRRPD47b94picGQL6ezeeeGuppOd4/jeFJxqC8cmzkFHofeRxViNRQVYzY1h+fRJdEU30YbX7SEH3ZAhSdzY4mgA2NWCHnGZKF9e4V6M4q8/3JWpZxdHU33b/dDAKH7G7vf0IZ8Z3R3DdW9rhY+zRYr8K2qEKAJXQIDAQABo4IC1jCCAtIwgb4GA1UdEQSBtjCBs6A4BgVgTAEDBKAvBC0wNDA1MTk2MDQ5MTIxNTI5OTQ5MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDCgJgYFYEwBAwKgHQQbU0VSR0lPIENBUkxPUyBNVURSRUkgU0NIT1RUoBkGBWBMAQMDoBAEDjA0NDI2Nzg4MDAwMTUzoBcGBWBMAQMHoA4EDDAwMDAwMDAwMDAwMIEbbHVjYWNvbnRhYmlsaWRhZGVAZ21haWwuY29tMAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUdb8gigSrtNF55L3vJhGgQTbY9L0wbAYDVR0gBGUwYzBhBgZgTAECARswVzBVBggrBgEFBQcCARZJaHR0cDovL2ljcC1icmFzaWwuYWNici5jb20uYnIvcmVwb3NpdG9yaW8vZHBjL0FDX0JSX1JGQi9EUENfQUNfQlJfUkZCLnBkZjCBqQYDVR0fBIGhMIGeMEugSaBHhkVodHRwOi8vaWNwLWJyYXNpbC5hY2JyLm9yZy5ici9yZXBvc2l0b3Jpby9sY3IvQUNCUlJGQkc0L0xhdGVzdENSTC5jcmwwT6BNoEuGSWh0dHA6Ly9pY3AtYnJhc2lsLm91dHJhbGNyLmNvbS5ici9yZXBvc2l0b3Jpby9sY3IvQUNCUlJGQkc0L0xhdGVzdENSTC5jcmwwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDCBmQYIKwYBBQUHAQEEgYwwgYkwUwYIKwYBBQUHMAKGR2h0dHA6Ly9pY3AtYnJhc2lsLmFjYnIub3JnLmJyL3JlcG9zaXRvcmlvL2NlcnRpZmljYWRvcy9BQ19CUl9SRkJfRzQucDdjMDIGCCsGAQUFBzABhiZodHRwOi8vb2NzcC1hYy1ici1yZmIuY2VydGlzaWduLmNvbS5icjANBgkqhkiG9w0BAQsFAAOCAgEA6lmI66NY7nMxpm1cyyRSxV+GwyLNMr6GOn2IoNFOLuFaDXW9e80aA6tm0aK00nLmzdxWAA8b6AFkELxdZygLp1d2DziQnBIsovEPU4UNB5nZ3SwZ1l/DVZ1GIRSNVm3KscKOqUoqc2iVszPUdMN4kiShHRZ3Qzi/+xa90ptU1FobuDLzsQgc8VtY7jjT8MfnGwiONPUD2eCt6bT/sPQMtB173SkXdEXWkCiB4qeP6Tv655yBcr8L1SPBVRdglQuj0w5B+zQa1dUz26w/lT5jXS5slFQFV98hcCBvV61M25Dyvndthm8+/w1rS8tbKuBb/TL9v+DKgdA86Wf4UoPfKfueYw2ibvmYBgSaKZ10bVUj6QDf6hMx5YYVzR/6IA8ienpTP3o2Ca7OSAB8JnqD5O2DGTgCkMvMBq9jpSZSBWUnmymiwQWTPnbbYj4H4XgK0nBNX6VYvwRlUxEnwhjEqk9RTYfU5k8PM3MZbzVOoSrANWu72N6r2TxEam4RNEUNNWFRESuS4GwpkRMEJd4sJ8CG7yL+7oeOyajax+88xQJ07oRUMUJUYZV+d7GqRTgfErd29pL63N9UkEhIyHfw4ysUlCYSwoghvOB8EUiM576rRS4qXMUwHqePVm0K5ci4IgreHcnfcq2Rz5o6hHndIwRiREiAbjpCYdzFhDxooow=</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</EnviarLoteRpsEnvio>
</RecepcionarLoteRps>
</soap:Body>
</soap:Envelope>
WS link to specifications: https://isscuritiba.curitiba.pr.gov.br/Iss.NfseWebService/nfsews.asmx?op=RecepcionarLoteRps
Any tips to solve this problem?
Hello dear Bigboss, 403 probably has nothing to do with security certificates, the problem should be in the authentication layer of the application. Check that the authentication data passed in your xml is correct.
– Guilherme Nascimento
@Guilhermenascimento added the uploaded XML. So there’s nothing wrong with the above settings?
– ThiagoYou
@Guilhermenascimento I believe these are all the tags required by WS. Authentication would not be the signature tags?
– ThiagoYou
@Guilhermenascimento I remove the SOAP Tagas patterns and added the xmlsn attribute that was missing. (all other tags were already in the first example)
– ThiagoYou
@Guilhermenascimento thank you for your help, I really don’t know so much about SOAP. I added the SOAP Tagas included in the real XML (envelope and body), also added the link to the specifications required by WS.
– ThiagoYou
Bigboss I think I found the problem, I formulated an answer, because I wouldn’t get to just comment. I hope this is it.
– Guilherme Nascimento