Preface
This article documents some issues which I have encounter during development and found them useful. Information mentioned here are not directly relevant to installation and usage but may by helpful.
Croatia
Certificates
Croatia Fina ROOT CA
Test environment
Test environment is accessible on URL https://cistest.apis-it.hr:8449/FiskalizacijaServiceTest. It is signed by following certificates.
Fina Demo Root CA `- Fina Demo CA 2014 `- cistest.apis-it.hr
Test root certificate Fina Demo Root CA
can be downloaded from FINA page.
This certificate must be put among of trusted certificates. Then also the intermediate certificate will be trusted and communication will be established.
Real environment
Real environment is available on URL https://cis.porezna-uprava.hr:8449/FiskalizacijaService. It is signed by following certificates.
Fina Root CA `- Fina RDC CA 2015 `- cis.porezna-uprava.hr
According information from FINA web page there is Fina Root CA certifikat and intermediate certificate Certifikat za Fina RDC 2015. Other source of certificates is here.
Theoretically it could be possible to take FinaRootCA certificate and put them among trusted ones. Unfortunately this approach does not work. I have discussed it with some people in company but without success.
Later I have found that certificate cis.porezna-uprava.hr
does not contain all certificates in chain of trust.
Therefore it is not possible to validate it using root certificate.
See more in article SSL in Croatia.
The only possibility it to take the intermediate certificate Fina Root CA certificate and put it among trusted. It has a small disadvantage, that it has shorter life span.
User has to provide new certificate of these one.