PHP - Curitiba WS semrpe returns 403

-1

I'm trying to send an NFS-e (XML, RPS batch) through Curitiba's webservice, but the connection with curl always returns error 403 (without permission). I have already linked the certificate in the city hall system (ISS). Here are the settings below:

curl settings

curl_setopt($ch, CURLOPT_URL, $endpoint);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
    curl_setopt($ch, CURLOPT_TIMEOUT, 60);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

    curl_setopt($ch, CURLOPT_SSLCERT, "{$path}_cert.pem");
    curl_setopt($ch, CURLOPT_SSLKEY, "{$path}_priKEY.pem");
    curl_setopt($ch, CURLOPT_KEYPASSWD, '******'); // senha do certificado

    curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

Headers

    $headers = [
        'POST /Iss.NfseWebService/nfsews.asmx HTTP/1.1',
        'Host: isscuritiba.curitiba.pr.gov.br',
        'Content-Type: text/xml; charset=utf-8',
        'Content-Length: ' . strlen($xml),
        'SOAPAction: http://www.e-governeapps2.com.br/RecepcionarLoteRps'
    ];

Sent XML (with test data)

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">   
  <soap:Body>
    <RecepcionarLoteRps xmlns="http://www.e-governeapps2.com.br/">
        <EnviarLoteRpsEnvio>
            <LoteRps>
                <NumeroLote>1</NumeroLote>
                <Cnpj>00000000000000</Cnpj>
                <InscricaoMunicipal/>
                <QuantidadeRps>1</QuantidadeRps>
                <ListaRps>
                    <Rps>
                        <InfRps>
                            <IdentificacaoRps>
                                <Numero>1</Numero>
                                <Serie>A</Serie>
                                <Tipo>1</Tipo>
                            </IdentificacaoRps>
                            <DataEmissao>2018-08-30 04:11:00T00:00:00</DataEmissao>
                            <NaturezaOperacao>1</NaturezaOperacao>
                            <RegimeEspecialTributacao>2</RegimeEspecialTributacao>
                            <OptanteSimplesNacional>1</OptanteSimplesNacional>
                            <IncentivadorCultural>2</IncentivadorCultural>
                            <Status>1</Status>
                            <Servico>
                                <Valores>
                                    <ValorServicos>1.00</ValorServicos>
                                    <ValorDeducoes>0</ValorDeducoes>
                                    <ValorPis>0</ValorPis>
                                    <ValorCofins>0</ValorCofins>
                                    <ValorInss>0</ValorInss>
                                    <ValorIr>0</ValorIr>
                                    <ValorCsll>0</ValorCsll>
                                    <IssRetido>2</IssRetido>
                                    <ValorIss>0</ValorIss>
                                    <ValorIssRetido>0</ValorIssRetido>
                                    <OutrasRetencoes>0</OutrasRetencoes>
                                    <BaseCalculo>1.00</BaseCalculo>
                                    <Aliquota>0</Aliquota>
                                    <ValorLiquidoNfse>1.00</ValorLiquidoNfse>
                                    <DescontoIncondicionado>0</DescontoIncondicionado>
                                    <DescontoCondicionado>0</DescontoCondicionado>
                                </Valores>
                                <ItemListaServico>701</ItemListaServico>
                                <CodigoCnae>0</CodigoCnae>
                                <Discriminacao>Auditoria Ambiental</Discriminacao>
                                <CodigoMunicipio>0000000</CodigoMunicipio>
                            </Servico>
                            <Prestador>
                                <Cnpj>00000000000000</Cnpj>
                                <InscricaoMunicipal/>
                            </Prestador>
                            <Tomador>
                                <IdentificacaoTomador>
                                    <CpfCnpj>
                                        <Cnpj>00000000000000</Cnpj>
                                    </CpfCnpj>
                                </IdentificacaoTomador>
                                <RazaoSocial>EMPRESA TESTE LTDA</RazaoSocial>
                                <Endereco>
                                    <Endereco>TESTE</Endereco>
                                    <Numero>00</Numero>
                                    <Complemento/>
                                    <Bairro>TESTE</Bairro>
                                    <CodigoMunicipio>0000000</CodigoMunicipio>
                                    <Uf>PR</Uf>
                                    <Cep>00000000</Cep>
                                </Endereco>
                                <Contato>
                                    <Telefone>11111111111</Telefone>
                                    <Email>[email protected]</Email>
                                </Contato>
                            </Tomador>
                        </InfRps>
                    </Rps>
                </ListaRps>
            </LoteRps>
            <Signature Id="NfsSignature">
                <SignedInfo>
                    <CanonicalizationMethod Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
                    <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                    <Reference URI="http://www.w3.org/TR/2000/REC-xhtml1-20000126/">
                        <Transforms>
                            <Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/></Transforms>
                        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                        <DigestValue>Y2ZhNTExODY1OGRlOGU0MDI5NzU5MzZhMTVlMDVlYThhZTc5ZjcwYTA4NzQxYjIxMjQ0NTY3ZWE4YWVlNTIyOQ==</DigestValue>
                    </Reference>
                </SignedInfo>
                <SignatureValue>gJqmDLOaY4YdNEELf2c+hkrxcbz3x2og69YgiqtGR9zt0B+CzRodYoXB5euTB014sgHoCJejaBKwBaBq6BuLBmxUm02F4Lt8ApxQQF+e7561AcAV00YVb6nfILz4dzX32H8CjTYqK0cKONjYzAdNJinCpxybMEeS/6nkKS7vRmXgN18g7t1HUHvgWpirlYJ7mGeigFgYeUmd0JEmaycWyMtOzDhWq8KYeSFfP3Y/HlHQpMX6zh7tRw2oVlRCJQnRazedzLNY74gcZjd8fX5YrqERK6ExhhALJH8BGVg5uwhHC8llvO5EPnRSHTXkcqrBZihF/1LKbTvqQgjTCIiQPQ==</SignatureValue>
                <KeyInfo>
                    <X509Data>
                        <X509Certificate>MIIHwDCCBaigAwIBAgIQKPorJVJCMiKfm+A1xBpgjTANBgkqhkiG9w0BAQsFADBxMQswCQYDVQQGEwJCUjETMBEGA1UEChMKSUNQLUJyYXNpbDE2MDQGA1UECxMtU2VjcmV0YXJpYSBkYSBSZWNlaXRhIEZlZGVyYWwgZG8gQnJhc2lsIC0gUkZCMRUwEwYDVQQDEwxBQyBCUiBSRkIgRzQwHhcNMTgwNjI2MTc1ODU0WhcNMTkwNjI2MTc1ODU0WjCB7DELMAkGA1UEBhMCQlIxEzARBgNVBAoMCklDUC1CcmFzaWwxCzAJBgNVBAgMAlBSMREwDwYDVQQHDAhDdXJpdGliYTE2MDQGA1UECwwtU2VjcmV0YXJpYSBkYSBSZWNlaXRhIEZlZGVyYWwgZG8gQnJhc2lsIC0gUkZCMRYwFAYDVQQLDA1SRkIgZS1DTlBKIEExMSQwIgYDVQQLDBtBdXRlbnRpY2FkbyBwb3IgQVIgQ0VSVFBMVVMxMjAwBgNVBAMMKUdFT1BBUkFOQSBDT05TVUxUT1JJQSBMVERBOjA0NDI2Nzg4MDAwMTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0h3OZuHK+dwDj1dfLbhg355CNWWVD/mK0dJtN+aorRHOfA0Cb09CQ4AIXox/9aiD0P2IOxFNuvKCpFFR9fVNdJlbK+aBJwpjsChAN+zJRdajutvM+3xmWNOWZ8CX7Lhz19SB4LB7L9Q5Lf14UP24IguUA3WA4EawLVdrSIZgGJiRd6GDYr9WLRRPD47b94picGQL6ezeeeGuppOd4/jeFJxqC8cmzkFHofeRxViNRQVYzY1h+fRJdEU30YbX7SEH3ZAhSdzY4mgA2NWCHnGZKF9e4V6M4q8/3JWpZxdHU33b/dDAKH7G7vf0IZ8Z3R3DdW9rhY+zRYr8K2qEKAJXQIDAQABo4IC1jCCAtIwgb4GA1UdEQSBtjCBs6A4BgVgTAEDBKAvBC0wNDA1MTk2MDQ5MTIxNTI5OTQ5MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDCgJgYFYEwBAwKgHQQbU0VSR0lPIENBUkxPUyBNVURSRUkgU0NIT1RUoBkGBWBMAQMDoBAEDjA0NDI2Nzg4MDAwMTUzoBcGBWBMAQMHoA4EDDAwMDAwMDAwMDAwMIEbbHVjYWNvbnRhYmlsaWRhZGVAZ21haWwuY29tMAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUdb8gigSrtNF55L3vJhGgQTbY9L0wbAYDVR0gBGUwYzBhBgZgTAECARswVzBVBggrBgEFBQcCARZJaHR0cDovL2ljcC1icmFzaWwuYWNici5jb20uYnIvcmVwb3NpdG9yaW8vZHBjL0FDX0JSX1JGQi9EUENfQUNfQlJfUkZCLnBkZjCBqQYDVR0fBIGhMIGeMEugSaBHhkVodHRwOi8vaWNwLWJyYXNpbC5hY2JyLm9yZy5ici9yZXBvc2l0b3Jpby9sY3IvQUNCUlJGQkc0L0xhdGVzdENSTC5jcmwwT6BNoEuGSWh0dHA6Ly9pY3AtYnJhc2lsLm91dHJhbGNyLmNvbS5ici9yZXBvc2l0b3Jpby9sY3IvQUNCUlJGQkc0L0xhdGVzdENSTC5jcmwwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDCBmQYIKwYBBQUHAQEEgYwwgYkwUwYIKwYBBQUHMAKGR2h0dHA6Ly9pY3AtYnJhc2lsLmFjYnIub3JnLmJyL3JlcG9zaXRvcmlvL2NlcnRpZmljYWRvcy9BQ19CUl9SRkJfRzQucDdjMDIGCCsGAQUFBzABhiZodHRwOi8vb2NzcC1hYy1ici1yZmIuY2VydGlzaWduLmNvbS5icjANBgkqhkiG9w0BAQsFAAOCAgEA6lmI66NY7nMxpm1cyyRSxV+GwyLNMr6GOn2IoNFOLuFaDXW9e80aA6tm0aK00nLmzdxWAA8b6AFkELxdZygLp1d2DziQnBIsovEPU4UNB5nZ3SwZ1l/DVZ1GIRSNVm3KscKOqUoqc2iVszPUdMN4kiShHRZ3Qzi/+xa90ptU1FobuDLzsQgc8VtY7jjT8MfnGwiONPUD2eCt6bT/sPQMtB173SkXdEXWkCiB4qeP6Tv655yBcr8L1SPBVRdglQuj0w5B+zQa1dUz26w/lT5jXS5slFQFV98hcCBvV61M25Dyvndthm8+/w1rS8tbKuBb/TL9v+DKgdA86Wf4UoPfKfueYw2ibvmYBgSaKZ10bVUj6QDf6hMx5YYVzR/6IA8ienpTP3o2Ca7OSAB8JnqD5O2DGTgCkMvMBq9jpSZSBWUnmymiwQWTPnbbYj4H4XgK0nBNX6VYvwRlUxEnwhjEqk9RTYfU5k8PM3MZbzVOoSrANWu72N6r2TxEam4RNEUNNWFRESuS4GwpkRMEJd4sJ8CG7yL+7oeOyajax+88xQJ07oRUMUJUYZV+d7GqRTgfErd29pL63N9UkEhIyHfw4ysUlCYSwoghvOB8EUiM576rRS4qXMUwHqePVm0K5ci4IgreHcnfcq2Rz5o6hHndIwRiREiAbjpCYdzFhDxooow=</X509Certificate>
                    </X509Data>
                </KeyInfo>
            </Signature>
        </EnviarLoteRpsEnvio>
    </RecepcionarLoteRps>
  </soap:Body>
</soap:Envelope>

WS Link with the specifications: link

Any tips for solving this problem?

    
asked by anonymous 30.08.2018 / 21:10

1 answer

1

I'm not sure, but I think this is wrong:

$headers = [
    'POST /Iss.NfseWebService/nfsews.asmx HTTP/1.1', <---- ISTO

You do not have to send the "VERB" in the headers, the curl itself generates the "verb", this path /Iss.NfseWebService/nfsews.asmx should be part of the "endpoint" (URL), it should look something like this:

$headers = [
    'Host: isscuritiba.curitiba.pr.gov.br',
    'Content-Type: text/xml; charset=utf-8',
    'Content-Length: ' . strlen($xml),
    'SOAPAction: http://www.e-governeapps2.com.br/RecepcionarLoteRps'
];

$endpoint = 'https://isscuritiba.curitiba.pr.gov.br/Iss.NfseWebService/nfsews.asmx';

curl_setopt($ch, CURLOPT_URL, $endpoint);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

curl_setopt($ch, CURLOPT_SSLCERT, "{$path}_cert.pem");
curl_setopt($ch, CURLOPT_SSLKEY, "{$path}_priKEY.pem");
curl_setopt($ch, CURLOPT_KEYPASSWD, '******'); // senha do certificado

curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

I put in the endpoint the https://isscuritiba.curitiba.pr.gov.br/ , I'm not sure if this is the domain, I only infer by host: .

I did not find in the documentation that HTTPS is required, without using HTTPS I was able to get the result by doing this:

$headers = [
    'Host: isscuritiba.curitiba.pr.gov.br',
    'Content-Type: text/xml; charset=utf-8',
    'Content-Length: ' . strlen($xml),
    'SOAPAction: http://www.e-governeapps2.com.br/RecepcionarLoteRps'
];

$endpoint = 'http://isscuritiba.curitiba.pr.gov.br/Iss.NfseWebService/nfsews.asmx';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $endpoint);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$resposta = curl_exec($ch);
$status = curl_getinfo($ch, CURLINFO_HTTP_CODE);

echo "Resposta HTTP: $status<br>\n",
     "Resposta do SOAP: ", htmlespecialchars($resposta);

I got this:

Resposta HTTP: 500
Resposta do SOAP: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring>Server was unable to read request. ---&gt; There is an error in XML document (19, 72). ---&gt; The string '2018-08-30 04:11:00T00:00:00' is not a valid AllXsd value.</faultstring><detail /></soap:Fault></soap:Body></soap:Envelope>

Being the error:

  

There is an error in XML document (19, 72). --- > The string '2018-08-30 04: 11: 00T00: 00: 00' is not a valid AllXsd value.

In other words, the problem is in this line of your XML:

<DataEmissao>2018-08-30 04:11:00T00:00:00</DataEmissao>
    
30.08.2018 / 23:16