|
| 1 | +## Fiscalizer |
| 2 | + |
| 3 | +We use the [fiscalizer gem](https://github.com/infinum/fiscalizer) to transfer various document types from a business entity to the tax authorities. |
| 4 | + |
| 5 | +### Setup & Usage |
| 6 | + |
| 7 | +Everything about setup and usage of this gem is explained at [fiscalizer gem](https://github.com/infinum/fiscalizer). |
| 8 | + |
| 9 | +### Certificates |
| 10 | + |
| 11 | +#### Environments: |
| 12 | + |
| 13 | ++ ##### Production environment |
| 14 | + |
| 15 | +Requires only one certificate - application certificate. It is most often called `FISCAL_1.p12`. It contains the public and private key, and the CA (`Certificate authority`) certificate. |
| 16 | + |
| 17 | +Secrets file example: |
| 18 | + |
| 19 | +```Ruby |
| 20 | +fiscalization_app_cert_path: 'cert/production/FISKAL_1.p12' |
| 21 | +fiscalization_ca_cert_path: '' |
| 22 | +``` |
| 23 | + |
| 24 | + |
| 25 | ++ ##### Development & staging environment |
| 26 | + |
| 27 | +Requires 2 certificates - both application and server certificate. The application certificate (`FISCAL_1.p12`) contains the public and private key. The server certificate (most often `fina_ca.pem`) contains the required CA certificates. |
| 28 | + |
| 29 | +Secrets file example: |
| 30 | + |
| 31 | +```Ruby |
| 32 | +fiscalization_app_cert_path: 'cert/development/FISKAL_1.p12' |
| 33 | +fiscalization_ca_cert_path: 'cert/development/fina_ca.pem' |
| 34 | +``` |
| 35 | + |
| 36 | +#### Application certificate unpacking |
| 37 | + |
| 38 | +To view the content of the application certificate locally, you need to unpack it with this command: |
| 39 | + |
| 40 | +``` |
| 41 | +openssl pkcs12 -in FISKAL_1.p12 -out FISKAL_1.pem -nodes |
| 42 | +``` |
| 43 | + |
| 44 | +After running this command, you are prompted to input the `fiscalization password`. |
| 45 | + |
| 46 | +#### Create your own certificate |
| 47 | + |
| 48 | +If you need to test some features that require certificates but you don't have them and your request cannot be sent, you can create a certificate following this [tutorial](https://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate-authority/). |
| 49 | +Once done, create a `.p12` file following these two steps: |
| 50 | + |
| 51 | +1. Copy the private key and SSL certificate to a plain text file. The private key should be at the top with the SSL certificate below. In the example, we use "filename.txt" as the name of the file containing the private key and SSL certificate. |
| 52 | + |
| 53 | +2. `openssl pkcs12 -export -in filename.txt -out filename.p12` |
0 commit comments