agisboye
"Certificate validation failed" error when decoding transactions
I'm decoding transactions as follows, but I get the error "Certificate validation failed". I've verified that the environment variable is correct for the development environment. I haven't tried it in production yet. Any idea why this would be failing in the development environment?
import type { Action } from '@sveltejs/kit';
import { json } from '@sveltejs/kit';
import { decodeTransactions, APPLE_ROOT_CA_G3_FINGERPRINT } from 'app-store-server-api';
import { ENVIRONMENT } from '$env/static/private';
// https://developer.apple.com/documentation/xcode/setting-up-storekit-testing-in-xcode#Prepare-to-validate-receipts-in-the-test-environment
const LOCAL_ROOT_FINGERPRINT = 'FF:0B:A3:<redacted>';
const fingerprint = (ENVIRONMENT.toLowerCase() === 'production') ? APPLE_ROOT_CA_G3_FINGERPRINT : LOCAL_ROOT_FINGERPRINT;
export const POST: Action = async ({ request }) => {
const requestData: { transactions: string[] } = await request.json();
const decodedTransactions = await decodeTransactions(requestData.transactions, fingerprint);
// Error: Certificate validation failed
console.log(decodedTransactions);
return json({});
};
I've now verified that it works in production but not in the development environment.
Are you using the SHA256 fingerprint?
I know a few people have had success validating local transactions (see https://github.com/agisboye/app-store-server-api/issues/25) but I'm not sure if something has changed in Xcode since then. If it's not working I'm happy to take a look but it might be a while before I have the time.
Yes, I copied the SHA-256 fingerprint from the certificate in Xcode and verified that it is correct.