On https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/CWA-Schnelltest-Portal it says

"Der erste Schritt ist die Unterzeichnung eines Nutzungsvertrages. Die notwendigen Formulare für den Vertragsabschluss sind in aktuell noch in Erstellung und können in Kürze angefragt werden."

It seems that starting from August 1st it is required to connect to the CWA. That's in about a week. We would like to use the CWA Portal for this purpose. When will it become available?

Why Is gender mandatory in the quickest portal?
Due to the DSGVO only necessary data may be interrogated, and we didn't need this for half a year of testing.

Describe the bug

https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme#backend-integration defines result status 6-8,

but

https://github.com/corona-warn-app/cwa-quicktest-onboarding/blob/master/api/quicktest-openapi.json has a range of 5-8 with 5 being pending.

Expected behaviour

To have the same information at both places.

Steps to reproduce the issue

Read the files on github.

Possible Fix

Additional context

Your Question

• Source File: https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/CWA-Schnelltest-Portal
• Line(s): https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/CWA-Schnelltest-Portal#vertragsabschluss
• Question: Is the text still true? Are the forms still WIP? See the sentence:
  "Der erste Schritt ist die Unterzeichnung eines Nutzungsvertrages. Die notwendigen Formulare für den Vertragsabschluss sind in aktuell noch in Erstellung und können in Kürze angefragt werden."

Describe the bug

Test the backend integration of quicktest results but the application is not available (all cluster pods down?)

This is the HTML response:

<html>
  <head>
    <meta name="viewport" content="width=device-width, initial-scale=1">

  <style type="text/css">
  /*!
   * Bootstrap v3.3.5 (http://getbootstrap.com)
   * Copyright 2011-2015 Twitter, Inc.
   * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
   */
  /*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */
  html {
    font-family: sans-serif;
    -ms-text-size-adjust: 100%;
    -webkit-text-size-adjust: 100%;
  }
  body {
    margin: 0;
  }
  h1 {
    font-size: 1.7em;
    font-weight: 400;
    line-height: 1.3;
    margin: 0.68em 0;
  }
  * {
    -webkit-box-sizing: border-box;
    -moz-box-sizing: border-box;
    box-sizing: border-box;
  }
  *:before,
  *:after {
    -webkit-box-sizing: border-box;
    -moz-box-sizing: border-box;
    box-sizing: border-box;
  }
  html {
    -webkit-tap-highlight-color: rgba(0, 0, 0, 0);
  }
  body {
    font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
    line-height: 1.66666667;
    font-size: 13px;
    color: #333333;
    background-color: #ffffff;
    margin: 2em 1em;
  }
  p {
    margin: 0 0 10px;
    font-size: 13px;
  }
  .alert.alert-info {
    padding: 15px;
    margin-bottom: 20px;
    border: 1px solid transparent;
    background-color: #f5f5f5;
    border-color: #8b8d8f;
    color: #363636;
    margin-top: 30px;
  }
  .alert p {
    padding-left: 35px;
  }
  a {
    color: #0088ce;
  }

  ul {
    position: relative;
    padding-left: 51px;
  }
  p.info {
    position: relative;
    font-size: 15px;
    margin-bottom: 10px;
  }
  p.info:before, p.info:after {
    content: "";
    position: absolute;
    top: 9%;
    left: 0;
  }
  p.info:before {
    content: "i";
    left: 3px;
    width: 20px;
    height: 20px;
    font-family: serif;
    font-size: 15px;
    font-weight: bold;
    line-height: 21px;
    text-align: center;
    color: #fff;
    background: #4d5258;
    border-radius: 16px;
  }

  @media (min-width: 768px) {
    body {
      margin: 4em 3em;
    }
    h1 {
      font-size: 2.15em;}
  }

  </style>
  </head>
  <body>
    <div>
      <h1>Application is not available</h1>
      <p>The application is currently not serving requests at this endpoint. It may not have been started or is still starting.</p>

      <div class="alert alert-info">
        <p class="info">
          Possible reasons you are seeing this page:
        </p>
        <ul>
          <li>
            <strong>The host doesn't exist.</strong>
            Make sure the hostname was typed correctly and that a route matching this hostname exists.
          </li>
          <li>
            <strong>The host exists, but doesn't have a matching path.</strong>
            Check if the URL path was typed correctly and that the route was created using the desired path.
          </li>
          <li>
            <strong>Route and path matches, but all pods are down.</strong>
            Make sure that the resources exposed by this route (pods, services, deployment configs, etc) have at least one pod running.
          </li>
        </ul>
      </div>
    </div>
  </body>
</html>

Expected behaviour

HTTP Response 204

Steps to reproduce the issue

openssl s_client -connect quicktest-result-cff4f7147260.coronawarn.app:443 -cert ./cwa/newfile.crt.pem -key ./cwa/newfile.key.pem -state -debug -quiet -crlf <<eof
POST /api/v1/quicktest/results HTTP/1.1
Host: quicktest-result-cff4f7147260.coronawarn.app
User-Agent: curl/7.64.1
Accept: */*
Content-type: application/json
Content-Length: 102

{"testResults":[{"id":"c16d950f4efa1cb7de770dae0e727d5604bcd986d3738da1ea65c87046f13541","result":6}]}

eof

Your Question

Wie lange dauert es bis die Onboarding Kollegen die Zertifikate bereitstellen?

Sorry, korrigiert mich wenn ich falsch liege, aber nachdem wir die beiden CSR Dateien generiert haben und diese schicken, müssen wir doch auf die signierten Zertifikate von CWA warten oder? Oder gibt es irgendwo einen anderen Hebel wo man es antriggern kann? Integration ist auf unserer Seite soweit fertig warte nur noch auf die Zertifikate damit ich es gegen die WRU Server testen kann. Meine E-Mails an [email protected] werden glaube ich mittlerweile alle ignoriert, bekomme keine einzige Antwort. Habt ihr einen Ratschlag wo ich noch nachfragen kann? Habt ihr auch das selbe Problem?

Edit#1
Der Zugang für Testflight ist auch nicht angekommen... und dann bekommt man eine Mail, dass sich nur 1400 Teststellen registriert haben...

• Source File:
• Line(s):
• Question:

Hallo liebes Community,
Ein bekannter von mir und ich haben uns für die "Partnersystem" anmeldung registriert und haben den Zugang zum Schnelltestportal bekommen. Haben wir hier etwas übersehen? (hypotetische Frage...)
Freundliche Grüsse

Hi, the mailbox of the given e-mail address is full. I am not able to send a mail with a monthly update.

[email protected] ([email protected])
Das Postfach des Empfängers ist voll und kann zurzeit keine Nachrichten annehmen. Versuchen Sie zu einem späteren Zeitpunkt noch mal, Ihre Nachricht zu senden, oder wenden Sie sich direkt an den Empfänger.

Im trying to send the result api request and im getting 403 forbidden error.

           $result = 6;
            $array=array();
            $array["testResults"]=array();
            $array["testResults"][]=array("id"=>$hash,"result"=>$result);
            $payload = json_encode($array);

            $url = "https://quicktest-result-cff4f7147260.coronawarn.app/api/v1/quicktest/results";
            $cert = getcwd() . "/something.cer";
            $certkey= getcwd() . "/semething-wru.key";

            //open connection
            $ch = curl_init();
           
            //set options
            curl_setopt($ch, CURLOPT_HEADER, true);
            curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-type: application/json"));
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_USERAGENT, 'User-Agent: curl/7.39.0');
            curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_SSLCERT, $cert);
            curl_setopt($ch, CURLOPT_SSLKEY, $certkey);
            curl_setopt($ch, CURLOPT_SSLCERTPASSWD, '');
            curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'ticketbird');
            curl_setopt ($ch, CURLOPT_VERBOSE , 0);

            //execute post
            $response = curl_exec($ch);

            $info =curl_errno($ch)>0 ? array("curl_error_".curl_errno($ch)=>curl_error($ch)) : curl_getinfo($ch);
            echo "<br>";
            echo "<br>";
            print_r($info);
            //close connection
            curl_close($ch);

            echo $response;

Current Implementation

All information is stored in the Wiki. It's not possible for community contributors to edit the content of it.

Suggested Enhancement

Consider to use markdown files instead of GitHub Wikis.

Expected Benefits

The community can edit the content of the Wiki.

Describe the bug

QR code for personalised transmission to CWA is reported as being invalid.

Expected behaviour

QR code should be accepted by the app.

Steps to reproduce the issue

Sample implementation below. Two QR codes are being generated, personalised and pseudonymised.

The pseudonymised code works just fine, the personalised one will not be accepted. Link also does not work.

Is there something simple I'm missing? I quadruple-checked everything.

<?php

/* composer.json
{
    "name": "acme/cwa",
    "require": {
        "chillerlan/php-qrcode": "^3.4",
        "guzzlehttp/guzzle": "^7.3"
    }
}
*/

error_reporting(-1);
ini_set('display_errors', 'On');

require __DIR__ . '/vendor/autoload.php';

use chillerlan\QRCode\QRCode;
use chillerlan\QRCode\QROptions;
use GuzzleHttp\Client;

function create_qr_code($data, $options = ['scale' => 10]) {
    $options = new QROptions($options);
    $qr_code = (new QRCode($options))->render($data);

    return $qr_code;
}

function guidv4() {
    $data = PHP_MAJOR_VERSION < 7 ? openssl_random_pseudo_bytes(16) : random_bytes(16);
    $data[6] = chr(ord($data[6]) & 0x0f | 0x40);    // Set version to 0100
    $data[8] = chr(ord($data[8]) & 0x3f | 0x80);    // Set bits 6-7 to 10
    
    return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
};

$test_scan_url_base = 'https://s.coronawarn.app?v=1#';
$secret = '1Au+y[?qhC)>h.fL++&QYd:blA{5qL;mrb-7-|I.NQGh::=zC]R`>tE0bDH$uQA_';

$timestamp = time();
$salt = strtoupper(bin2hex(random_bytes(16)));


// Personalized

$dob = '1981-07-25';
$first_name = 'Max';
$last_name = 'Mustermann';
$id = guidv4();

$hash_personalized = hash_hmac(
    'sha256',
    sprintf('%s#%s#%s#%s#%s#%s', $dob, $first_name, $last_name, $timestamp, $id, $salt),
    $secret
);

$payload_personalized = [
    'fn'        => $first_name,
    'ln'        => $last_name,
    'dob'       => $dob,
    'timestamp' => $timestamp,
    'testid'    => $id,
    'salt'      => $salt,
    'hash'      => $hash_personalized,
];

$json_payload_personalized = json_encode($payload_personalized, JSON_UNESCAPED_UNICODE);
// The following doesn't work either, just in case their docs are serious about the whitespace.
// (Though the pseudo variant works with regular JSON, so …)
/*
$json_payload = sprintf(
    '{ "fn": "%s", "ln": "%s", "dob": "%s", "timestamp": %d, "testid": "%s", "salt": "%s", "hash": "%s" }',
    $first_name,
    $last_name,
    $dob,
    $timestamp,
    $id,
    $salt,
    $hash
);
*/
$base64_payload_personalized = base64_encode($json_payload_personalized);
$test_scan_url_personalized = $test_scan_url_base . $base64_payload_personalized;
$test_scan_qr_code_personalized = create_qr_code($test_scan_url_personalized);


// Pseudo

$hash_pseudo = hash_hmac(
    'sha256',
    sprintf('%s#%s', $timestamp, $salt),
    $secret
);

$payload_pseudo = [
    'timestamp' => $timestamp,
    'salt'      => $salt,
    'hash'      => $hash_pseudo,
];

$json_payload_pseudo = json_encode($payload_pseudo, JSON_UNESCAPED_UNICODE);
$base64_payload_pseudo = base64_encode($json_payload_pseudo);
$test_scan_url_pseudo = $test_scan_url_base . $base64_payload_pseudo;
$test_scan_qr_code_pseudo = create_qr_code($test_scan_url_pseudo);

?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>CWA</title>
</head>
<body>

    <h1>Personalisiert</h1>

    <p>
        <a href="<?= $test_scan_url_personalized ?>" target="_blank">Link</a>
    </p>

    <p>
        <img src="<?= $test_scan_qr_code_personalized ?>" width=300 alt>
    </p>

    <h1>Pseudonymisiert</h1>

    <p>
        <a href="<?= $test_scan_url_pseudo ?>" target="_blank">Link</a>
    </p>

    <p>
        <img src="<?= $test_scan_qr_code_pseudo ?>" width=300 alt>
    </p>
    
</body>
</html>

Hi @ilya-smirnov-berlin ,
there's a small issue in the first table of:
https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme#backend-integration

Testergebnis: Wertebereich should be -> 6 bis 8
(I guess, 5 was/is "pending" internally?)

Small question additionally: Can you estimate, when you will extend the Wiki https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/CWA-Schnelltest-Portal with more instructions regarding printing documents/handling of testees without app?

Thank you :)

Describe the bug

Information 'Anbindung Partnersysteme mit DCC'

The wiki states: The provision of a timestamp 'sc' (sample collected) is optional:
https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-an-CWA-mit-Verwendung-von-DCCs#upload-des-testergebnisses

Expected behaviour

The wiki must state: The provision of a timestamp 'sc' is REQUIRED.

Steps to reproduce the issue

Read wiki.

Possible Fix

Check if only the documentation is outdated/wrong, or if there is a problem with the implementation in quick-test-frontend, quick-test-backend, test-result-server and connection of 3rd-party-software.

Additional context

To issue a valid test DCC, a timestamp for the collected sample is required:
https://github.com/ehn-dcc-development/ehn-dcc-schema/blob/a603410d760fefc9073931c8c807759d9714c136/DCC.combined-schema.json#L212-#L220

Additionally, CWA (test result with or without DCC), other wallet apps and verifier apps (DCC) heavily rely on a correct sc timestamp.
If the 'sc' timestamp is not correct, it leads to problems, see
https://github.com/corona-warn-app/cwa-app-android/issues/3559
corona-warn-app/cwa-documentation#630

Also it looks like, that partner systems that create QR codes (or deeplinks) for CWA at the time of test registration with an included timestamp of the time of test registration (and not the time of sample collected, or at least time of testing appointment) deliver a wrong timestamp by default to CWA, what potentially may be used for fraud (see links above). Is there a way to prevent this?

Dear @mschulte-tsi and @ascheibal , could you kindly address these points (adapt documentation for partners, check implementations) and contact CWA team on how to handle 'sc' issues that pop up on CWA client side but seem to be caused server/3rd-party-side? Thank you in advance.

/cc @mlenkeit @thomasaugsten

Describe the bug

In the documentation the qrcode-url is described:

https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme#erstellung-von-qr-codes-f%C3%BCr-corona-warn-app

From our perspective

https://s.coronawarn.app?v=1

should be

https://s.coronawarn.app/?v=1

Expected behaviour / Possible Fix

https://s.coronawarn.app?v=1

should be

https://s.coronawarn.app/?v=1

Additional context

A library in our backend is causing problems because without the "/" the url is not considered a correct url.

Hello,

When uploading the DCC components, I get the status code: 500 with the example implementation in Python.
(https://github.com/corona-warn-app/cwa-quicktest-onboarding/tree/master/src/testcenter_simulator)

2021-07-17 13:48:22,830 root INFO Starting DCC lab simulator
2021-07-17 13:48:22,831 root INFO Endpoint: https://dcc-proxy-cff4f7147260.coronawarn.app
2021-07-17 13:48:22,831 root INFO Lab ID: 24848amtks1
2021-07-17 13:48:22,938 root INFO Polling response status code: 200 Length: 709
2021-07-17 13:48:22,938 root INFO Received DCC request: {'testId': '4eb04dae2fadbc2f66928e0bf1bc9efa78ee4d483795c8a4fe9c77766859b4a5', 'dcci': 'URN:UVCI:V1:DE:E9EIHYGQGVXY5PDG45C0XKCRHC', 'publicKey': 'MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAo1gUjrrfsTjpxjp6GAS+0c4vfl/OBtQPspNJ25US/6yDyh5YHpaEv8s05TDyiRS+JtLsKfzpWF0LYIRXmb/4+XJWkaSk2TIel18SvSkOb0idpYbN/BMD5Oq8Wac0ZaQ3c4KwyzQOmZD+eGRZoNDEPUogDpZIWKFATZKwMo0niyqMuM1ZnSezSjoJb8h7XIap+oA6J8RxlO7CZIuqBgEJ8Q+XPmg+CDM6RNyoDF9c28Q+By1q2v6x/jbsR/jwUaPyPPwXUNZh/o3iCi7/mBLNB6tCyQaNUFMJ2hdwmc4diK1HsW5mNoVk3+L0PPguW+LT07MA3HlpTEgJL5/YImRSe8liBty7RnRG9TYdbGfoOBkOKrLHddi2cXbbm0/hz708mtqB8x5K0YWJTR7hWem1LBkMbtmsRV2HqBgdAUYOhehXix/PH/OBhu81k1TLhaHhZT0b5IrnIqy3Jn1D/ck1VyyInEnUaabiaGmDVFVEAS85hVzQMOc4Q4Oe59OfOXMZAgMBAAE='}
2021-07-17 13:48:22,938 root INFO Using random negative test result
2021-07-17 13:48:22,938 root INFO DCC-DATA = {'ver': '1.3.0', 'nam': {'fn': 'Xzjdpyshsjoxmaq', 'fnt': 'XZJDPYSHSJOXMAQ', 'gn': 'Jdoaqybhmuiqd', 'gnt': 'JDOAQYBHMUIQD'}, 'dob': '1962-08-21', 't': [{'tg': '840539006', 'tt': 'LP217198-3', 'ma': '1437', 'sc': '2021-07-17T11:38:22Z', 'tr': '260415000', 'tc': 'Testzentrum der Vereine im Amt Kropp-Stapelholm', 'co': 'DE', 'is': 'Robert Koch-Institut', 'ci': 'URN:UVCI:V1:DE:E9EIHYGQGVXY5PDG45C0XKCRHC'}]}
2021-07-17 13:48:23,085 root INFO Upload encrypted data: TestID: 4eb04dae2fadbc2f66928e0bf1bc9efa78ee4d483795c8a4fe9c77766859b4a5 Status Code: 500
2021-07-17 13:48:33,165 root INFO Polling response status code: 200 Length: 709
2021-07-17 13:48:33,165 root INFO Received DCC request: {'testId': '4eb04dae2fadbc2f66928e0bf1bc9efa78ee4d483795c8a4fe9c77766859b4a5', 'dcci': 'URN:UVCI:V1:DE:E9EIHYGQGVXY5PDG45C0XKCRHC', 'publicKey': 'MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAo1gUjrrfsTjpxjp6GAS+0c4vfl/OBtQPspNJ25US/6yDyh5YHpaEv8s05TDyiRS+JtLsKfzpWF0LYIRXmb/4+XJWkaSk2TIel18SvSkOb0idpYbN/BMD5Oq8Wac0ZaQ3c4KwyzQOmZD+eGRZoNDEPUogDpZIWKFATZKwMo0niyqMuM1ZnSezSjoJb8h7XIap+oA6J8RxlO7CZIuqBgEJ8Q+XPmg+CDM6RNyoDF9c28Q+By1q2v6x/jbsR/jwUaPyPPwXUNZh/o3iCi7/mBLNB6tCyQaNUFMJ2hdwmc4diK1HsW5mNoVk3+L0PPguW+LT07MA3HlpTEgJL5/YImRSe8liBty7RnRG9TYdbGfoOBkOKrLHddi2cXbbm0/hz708mtqB8x5K0YWJTR7hWem1LBkMbtmsRV2HqBgdAUYOhehXix/PH/OBhu81k1TLhaHhZT0b5IrnIqy3Jn1D/ck1VyyInEnUaabiaGmDVFVEAS85hVzQMOc4Q4Oe59OfOXMZAgMBAAE='}
2021-07-17 13:48:33,166 root INFO Using random negative test result
2021-07-17 13:48:33,166 root INFO DCC-DATA = {'ver': '1.3.0', 'nam': {'fn': 'Ghhzsezcqxhnal', 'fnt': 'GHHZSEZCQXHNAL', 'gn': 'Zjidrkfp', 'gnt': 'ZJIDRKFP'}, 'dob': '1944-02-11', 't': [{'tg': '840539006', 'tt': 'LP217198-3', 'ma': '1437', 'sc': '2021-07-17T11:38:33Z', 'tr': '260415000', 'tc': 'Testzentrum der Vereine im Amt Kropp-Stapelholm', 'co': 'DE', 'is': 'Robert Koch-Institut', 'ci': 'URN:UVCI:V1:DE:E9EIHYGQGVXY5PDG45C0XKCRHC'}]}
2021-07-17 13:48:33,282 root INFO Upload encrypted data: TestID: 4eb04dae2fadbc2f66928e0bf1bc9efa78ee4d483795c8a4fe9c77766859b4a5 Status Code: 500
2021-07-17 13:48:43,371 root INFO Polling response status code: 200 Length: 709
2021-07-17 13:48:43,371 root INFO Received DCC request: {'testId': '4eb04dae2fadbc2f66928e0bf1bc9efa78ee4d483795c8a4fe9c77766859b4a5', 'dcci': 'URN:UVCI:V1:DE:E9EIHYGQGVXY5PDG45C0XKCRHC', 'publicKey': 'MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAo1gUjrrfsTjpxjp6GAS+0c4vfl/OBtQPspNJ25US/6yDyh5YHpaEv8s05TDyiRS+JtLsKfzpWF0LYIRXmb/4+XJWkaSk2TIel18SvSkOb0idpYbN/BMD5Oq8Wac0ZaQ3c4KwyzQOmZD+eGRZoNDEPUogDpZIWKFATZKwMo0niyqMuM1ZnSezSjoJb8h7XIap+oA6J8RxlO7CZIuqBgEJ8Q+XPmg+CDM6RNyoDF9c28Q+By1q2v6x/jbsR/jwUaPyPPwXUNZh/o3iCi7/mBLNB6tCyQaNUFMJ2hdwmc4diK1HsW5mNoVk3+L0PPguW+LT07MA3HlpTEgJL5/YImRSe8liBty7RnRG9TYdbGfoOBkOKrLHddi2cXbbm0/hz708mtqB8x5K0YWJTR7hWem1LBkMbtmsRV2HqBgdAUYOhehXix/PH/OBhu81k1TLhaHhZT0b5IrnIqy3Jn1D/ck1VyyInEnUaabiaGmDVFVEAS85hVzQMOc4Q4Oe59OfOXMZAgMBAAE='}
2021-07-17 13:48:43,371 root INFO Using random negative test result
2021-07-17 13:48:43,372 root INFO DCC-DATA = {'ver': '1.3.0', 'nam': {'fn': 'Uicxamx', 'fnt': 'UICXAMX', 'gn': 'Nhgyqrsipaxrxe', 'gnt': 'NHGYQRSIPAXRXE'}, 'dob': '1972-07-28', 't': [{'tg': '840539006', 'tt': 'LP217198-3', 'ma': '1437', 'sc': '2021-07-17T11:38:43Z', 'tr': '260415000', 'tc': 'Testzentrum der Vereine im Amt Kropp-Stapelholm', 'co': 'DE', 'is': 'Robert Koch-Institut', 'ci': 'URN:UVCI:V1:DE:E9EIHYGQGVXY5PDG45C0XKCRHC'}]}
2021-07-17 13:48:43,513 root INFO Upload encrypted data: TestID: 4eb04dae2fadbc2f66928e0bf1bc9efa78ee4d483795c8a4fe9c77766859b4a5 Status Code: 500
2021-07-17 13:48:53,601 root INFO Polling response status code: 200 Length: 709
2021-07-17 13:48:53,602 root INFO Received DCC request: {'testId': '4eb04dae2fadbc2f66928e0bf1bc9efa78ee4d483795c8a4fe9c77766859b4a5', 'dcci': 'URN:UVCI:V1:DE:E9EIHYGQGVXY5PDG45C0XKCRHC', 'publicKey': 'MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAo1gUjrrfsTjpxjp6GAS+0c4vfl/OBtQPspNJ25US/6yDyh5YHpaEv8s05TDyiRS+JtLsKfzpWF0LYIRXmb/4+XJWkaSk2TIel18SvSkOb0idpYbN/BMD5Oq8Wac0ZaQ3c4KwyzQOmZD+eGRZoNDEPUogDpZIWKFATZKwMo0niyqMuM1ZnSezSjoJb8h7XIap+oA6J8RxlO7CZIuqBgEJ8Q+XPmg+CDM6RNyoDF9c28Q+By1q2v6x/jbsR/jwUaPyPPwXUNZh/o3iCi7/mBLNB6tCyQaNUFMJ2hdwmc4diK1HsW5mNoVk3+L0PPguW+LT07MA3HlpTEgJL5/YImRSe8liBty7RnRG9TYdbGfoOBkOKrLHddi2cXbbm0/hz708mtqB8x5K0YWJTR7hWem1LBkMbtmsRV2HqBgdAUYOhehXix/PH/OBhu81k1TLhaHhZT0b5IrnIqy3Jn1D/ck1VyyInEnUaabiaGmDVFVEAS85hVzQMOc4Q4Oe59OfOXMZAgMBAAE='}
2021-07-17 13:48:53,602 root INFO Using random negative test result
2021-07-17 13:48:53,602 root INFO DCC-DATA = {'ver': '1.3.0', 'nam': {'fn': 'Dtgafdzupdrm', 'fnt': 'DTGAFDZUPDRM', 'gn': 'Widkbbattxhbvr', 'gnt': 'WIDKBBATTXHBVR'}, 'dob': '1984-03-12', 't': [{'tg': '840539006', 'tt': 'LP217198-3', 'ma': '1437', 'sc': '2021-07-17T11:38:53Z', 'tr': '260415000', 'tc': 'Testzentrum der Vereine im Amt Kropp-Stapelholm', 'co': 'DE', 'is': 'Robert Koch-Institut', 'ci': 'URN:UVCI:V1:DE:E9EIHYGQGVXY5PDG45C0XKCRHC'}]}
2021-07-17 13:48:53,711 root INFO Upload encrypted data: TestID: 4eb04dae2fadbc2f66928e0bf1bc9efa78ee4d483795c8a4fe9c77766859b4a5 Status Code: 500

I have this problem on the WRU server.

Can you help me?

Best wishes
René

Hallo zusammen,

nach der Datenerfassung müssen die Daten geprüft, der QR Code gescannt, under der Vorgang abgeschlossen werden.
Nach de, klick auf Vorgang abschließen erschein folgende Meldung:

Es ist ein Fehler aufgetreten: Request failed with status code 500

Es können somit keine Testungen angelegt werden. Das bereits seit mehreren Stunden!

Wer kann helfen?

Lg MJ

Describe the bug

Expected behaviour

Steps to reproduce the issue

Possible Fix

Additional context

Your Question

Hi, i have a problem with WRU and i am not sure why this happens. We have integrated the CWA with DCC and i can add the certificate in the Testflight CWA, get the EU Certificate and i can also validate the QR Code for every country inside of the CWA. Everything looks pretty good. But when i now try to validate the same QR code with the mentioned dgca-verifier-app-android verify app i get "Verification failed" or "Signing Certificate is expired.". I am not sure why this happens? Testflight CWA Version is 2.6.0.

This DCC QR Code must be valid in WRU until tomorrow. If you add it to CWA Testflight it is fine. If you scan it with the verifier app it is not valid.

Hello,
currently I am trying to implement the DCC functionality into my quick test application. When I post the DCC to <URL>/version/v1/test/<testid>/dcc I get 200 as a status. What does that mean? According to the API description 200 can never be returned. Any clue?

Thanks

Current Implementation

on:
https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/FAQ#warum-f%C3%BChrt-ein-app-link-nicht-zur-cwa-sondern-zum-browser--app-store--google-play

is a typo:
nicht zur CWA kommt, sondern aud die Seite https://s.coronawarn.app oder zum Ap

Suggested Enhancement

fix the typo

Expected Benefits

Wie kann man in PHP das Testergebnis versenden und sich mit dem bereitgestellten Key zertifizieren? gibt es hierfür eine Anleitung (Dokumentation) und ein Programmierbeispiel für PHP ?

Thank you first of all for writing up all of this. Was wondering if it is planned to have English translations done?

Kann auch vor Vertragsabschluss (die Dokumente sind ja noch in Arbeit) jetzt schon ein Zugang zur Testumgebung des CWA Schnelltestportal eingerichtet werden?

Hey,

i handed over a testResult of 6, but when i now retrieve the result with /api/v1/quicktest/result (which from time to time throws me a 500 Internal Error by the way) it says 5. I double-checked payloads etc. Any idea? The ID for WRU from the Result-JSON is d79e55fbf9a277d8d003ae85eb0b8db986a83ed966e4ab318bac7b43fe657739 .

Thanks and take care
Florian

Hey,

i added the quicktest upload to a system of a client of mine. Everything is working fine so far (as far as i can tell as i don't have a iOS device at hand to use the testversion of the CWA), i am getting a 204 response for the upload with

https://quicktest-result-cff4f7147260.coronawarn.app/api/v1/quicktest/results

But when i then try to check the test result with the endpoint

https://quicktest-result-cff4f7147260.coronawarn.app/api/v1/quicktest/result

with the payload

{
    "id": "<SHA-256 signature from the id value from the testResult object>"
}

i am getting a 500 Internal Server Error response. As far as i understand the docs at

https://github.com/corona-warn-app/cwa-quicktest-onboarding/blob/master/api/quicktest-openapi.json

that endpoint should be giving the result of a test specified by ID in a JSON object. Or am i wrong? Trying with the ID from the wiki also gives a 500 Internal Server Error response.

Thanks and take care
Florian

Test result in CWA without personal information for positive test results

If we submit an issue with personal data included, the negative test result shows up with the personal information in the CWA. For positive test results, we only get the result without any personal information in the app. Is this the intended behavior?

I cannot find any information on this, but I also cannot find any image for a personalized positive test result.

Hallo Freunde des CWA's :)
Ich musste mir gezwungener Maßen einen Iphone bestellen für die Testumgebung aber diese kommt erst übermorgen an. trotzdem möchte ich am Projekt weiterarbeiten und habe mal ein PHP zum Testserver ausgeführt.

https://github.com/corona-warn-app/cwa-quicktest-onboarding/blob/master/src/quicktest_upload.php

als Antwort bekomme ich folgendes und frage mich, ob das so i.O. ist (habe bei IP's ein "X" nachgestellt):

Array
(
[url] => https://quicktest-result-cff4f7147260.coronawarn.app/api/v1/quicktest/results
[content_type] =>
[http_code] => 204
[header_size] => 366
[request_size] => 158
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.132351
[namelookup_time] => 0.000678
[connect_time] => 0.014425
[pretransfer_time] => 0.077597
[size_upload] => 121
[size_download] => 0
[speed_download] => 0
[speed_upload] => 916
[download_content_length] => 0
[upload_content_length] => 121
[starttransfer_time] => 0.077635
[redirect_time] => 0
[redirect_url] =>
[primary_ip] => 80.158.XX.XXX
[certinfo] => Array
(
)

[primary_port] => 443
[local_ip] => 192.168.XX.XXX
[local_port] => 46XXX
[http_version] => 3
[protocol] => 2
[ssl_verifyresult] => 0
[scheme] => HTTPS
[appconnect_time_us] => 77378
[connect_time_us] => 14425
[namelookup_time_us] => 678
[pretransfer_time_us] => 77597
[redirect_time_us] => 0
[starttransfer_time_us] => 77635
[total_time_us] => 132351

)

Vielen Dank schon mal für jeglichen Feedback

Describe the bug

During first login to an administrator account, an OTP Key is generated. This connects the administrator account to a specific OTP generator on a specific device. Changing the OTP generator or the device is not possible after it has been done once. It is, however, possible (and deceptively easy) to delete the administrator account. Doing this immediately leads to HTML 500 errors and the administrator account can not be reset. It is possible to request credentials to be reset using the onboarding email, however no confirmation email is sent.

Expected behaviour

1. the administrator account is reset to it's initial state and the account can be set up again as before.
2. a very clear warning is given to the user that deleting the administrator account completely revokes access to the platform. Upon deleting the account, the user is gracefully logged out and given confirmation of a successful deleting instead of a 500 Error.

Steps to reproduce the issue

1. delete administrator account

Possible Fix

1. option to set up a new OTP device after initial set up

hello,
i am using the given request in php, but i am getting 400 error.

<?php

$url = "https://quicktest-result-cff4f7147260.coronawarn.app?v=1#eyAiZm4iOiAiRXJpa2EiLCAibG4iOiAiTXVzdGVybWFubiIsICJkb2IiOiAiMTk5MC0xMi0yMyIsICJ0aW1lc3RhbXAiOiAxNjE4Mzg2NTQ4LCAidGVzdGlkIjogIjUyY2RkZDhlLWZmMzItNDQ3OC1hZjY0LWNiODY3Y2VhMWRiNSIsICJzYWx0IjogIjc1OUY4RkYzNTU0RjBFMUJCRjZFRkY4REUyOThEOUU5IiwgImhhc2giOiAiNjdhNTBjYmE1OTUyYmY0ZjZjN2VjYTg5NmMwMDMwNTE2YWIyZjIyOGYxNTcyMzc3MTJlNTJkNjY0ODlkOTk2MCIgfQ";
$cert = __DIR__ ."/output.crt";
$certkey= __DIR__ .'/ctc-wru.key';

//open connection
$ch = curl_init();

//set options
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-type: application/json"));
curl_setopt($ch, CURLOPT_URL, $url);
// curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSLCERT, $cert);
curl_setopt($ch, CURLOPT_SSLKEY, $certkey);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, '');
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'xxxxxx');
curl_setopt ($ch, CURLOPT_VERBOSE , 0);

//execute post
$result = curl_exec($ch);
if (curl_errno($ch)) {
    $error_msg = curl_error($ch);
}
//close connection
curl_close($ch);
print_r($error_msg);
echo '<br>';
print_r($result);exit;

Here is my code.
output.crt file is provided by the cornawarn-app server.
ctc-wru.key is the generated by ubuntu (as mentioned in the wiki) (Link : https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme)

Can anybody tell me where i am making mistake.
Thanks.

Your Question

• Source: https://twitter.com/phoenix_de/status/1399698359066284039?s=20
• Question:
  The Federal Minister of Health announced in the "Bundespressekonferenz" today: "[…] dass alle Teststellen die abrechnen können wollen nach der Verordnung an die Corona-Warn-App digital sich anschließen müssen.".
  What will be the influence of this decision on the onboarding process for new quick test partners?
  Will the onboarding be more easy? Or what's the plan to handle so many requests?

Beim Übermitteln des Testergebnisses bekomme ich immer {"testResult":5} als Antwort (Code: 200), egal ob anonymisiert oder nicht. Ist das so gewollt? Kann man im WRU Modus kein valides Ergebnis übermitteln, welches man im Testflight dann auch als gültiges Ergebnis abrufen kann?

Mein JSON body sieht folgendermaßen aus:

{
  "id": "acd0977c026d65644cc66dd61dfea8b3499823600bb62156f55c4be7993c3959",
  "result": 8,
  "sc": 1629799419
}

Leider ist die Dokumentation der Implementierung sehr mager und lässt viele Fragen offen...

Hi 👋

I would suggest that you consider to rename this repository from cwa-quicktest-oboarding to cwa-quick-test-onboarding to match the naming of the cwa-quick-test-frontend & cwa-quick-test-backend repository.

Please note that this should only be done if links to this repo weren't widely spread yet, since a renaming will break the old links.

Describe the bug

The wiki uses the term "Corona Warn App" without any hyphens, in these documents:

• https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme
• https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Vertragsabschluss
• https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Checkliste-Abnahmetest
• https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/CWA-Schnelltest-Portal
• https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/FAQ

Expected behaviour

Corna-Warn-App should be written with hyphen.

Possible Fix

Write Corona-Warn-App with hyphen.

Additional context

I'd like to fix this myself, in fact I even prepared it, but I can't edit wikis in any form, sorry.
See #7

For these 2 fields, red marked on the Screenshot, there are no labels defined in vCard-Spec. The documentation for the QR-Code is also missing in the documents.
What are the correct vCard-labels to fill those two fields?

Iam trying to convert the HCERT-Container (CBOR) to a byte string. But how should i handle the object key -260 in JavaScript. Its not valid JSON. And if iam wrapping the -260 in quotes i dont get the correct byte string. Any ideas somebody?

In https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme-ohne-DCC
you write:
Input für das Base64 Encoding (Leerzeichen beachten!):
Question:
Is it true that despite of RFC8259 (where whitespaces between and around objects will be ignored) whitespaces are mandatory?

Describe the bug

https://github.com/corona-warn-app/cwa-quicktest-onboarding/blob/master/api/quicktest-openapi.json states

"responses": {
  "204": {
    "description": "Content created"
  },
  "400": {
    "description": "Client Certificate not accepted" 
  }
}

That's just half of the truth. If you have a json object format error, you will also get 400, although your client cert. is corret.

Expected behaviour

Update docs to reflect, that 400 is not only caused by Client Certificate not accepted, but can have other reasons, too.

Steps to reproduce the issue

Just forget to make an array for the rest result, you'll get 400.

Possible Fix

Update docs

Additional context

Hallo,

folgendes Problem. Im Adminbereich habe ich die Daten unseres Schnelltestportales eingetragen. Seit dem ist die URL nicht mehr zu erreichen. Der Support reagiert leider nicht unter der angegebenen Mail. Gibt es hier einen Mitarbeiter von T-Systems, der sich dem Problem annehmen kann?

Vielen Dank!
Schöne Grüße
Ralf

Describe the bug

There are different definitions how the rest result is encoded in numeric values:

https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme#backend-integration:

vs.

https://github.com/corona-warn-app/cwa-testresult-server/blob/master/docs/architecture-overview.md#implemented-use-cases

Expected behaviour

Consitency of the docs, or I understood something wrong.

Steps to reproduce the issue

Read the Docs :-)

Possible Fix

Additional context

Current Implementation

Der URL base64 encoded String nach https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme#variante-mit-pers%C3%B6nlichen-daten ist aus folgendem JSON-Dump erzeugt:

{ "fn": "Erika", "ln": "Mustermann", "dob": "1990-12-23", "timestamp": 1618386548, "testid": "52cddd8e-ff32-4478-af64-cb867cea1db5", "salt": "759F8FF3554F0E1BBF6EFF8DE298D9E9", "hash": "67a50cba5952bf4f6c7eca896c0030516ab2f228f157237712e52d66489d9960" }

Zu senhen ist jeweils ein Space nach dem ersten { und vor dem letzten }.

Übliche Implementationen zur JSON-Serialisierung bilden diesen allerdings nicht, z.B. in Pyhton json_data = json.dumps(jsonobj)

Ergebnis:

{"fn": "Erika", "ln": "Mustermann", "dob": "1990-12-23", "timestamp": 1618386548, "testid": "52cddd8e-ff32-4478-af64-cb867cea1db5", "salt": "759F8FF3554F0E1BBF6EFF8DE298D9E9", "hash": "67a50cba5952bf4f6c7eca896c0030516ab2f228f157237712e52d66489d9960"}

Suggested Enhancement

Dies liefert natürlich auch andere base64 Werte. Ich habe nun einige Zeit daran gesucht und würde Sie bitten,

1. Wenn die Spaces notwendig sind, dies zu erwähnen, oder
2. Ein Beispiel der verwendeten Serialisierung ebenfalls als String zu nennen, so dass man den Unterschied schneller findet.

Ggf. sind ja auch beide Varianten erlaubt, vielleicht weisen Sie aber dennoch darauf hin, dass einige Default-Libs wie z.B. in Python keine Leerzeichen ausgeben und daher der base64 Wert auch anders ist.

Vielen Dank

Expected Benefits

The searchPublicKeys endpoint always returns a HTTP 200 with an empty body. No matter how many requests we make. Have anybody an idea what we are doing wrong?

Current Implementation

https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki Does not mention the e-mail address.

Suggested Enhancement

Mention your e-mail address there.

Expected Benefits

Potential customers will have it easier to contact you if they have questions, etc.

Current Implementation

1. The testid should be uuid type 4 with a max length of 35, but even the example testid contains 36 characters. (picture 1)
2. The result json object consists of 3 attributes, but in the text it says there are only two. (picture 2)

Suggested Enhancement

1. correct the length in the description (35 -> 36)
2. The text should be corrected to say 3 attributes instead of two.

Expected Benefits

Correct wiki

What should be the CSR generated file.

• Source File:
• Line(s):
• Question:

Hallo,

unser System wurde am 29.07. abgenommen. Seitdem warten wir erfolglos auf die Installierung unseres Client Zertifikat auf dem Produktivsystem.
Wir bekommen mit unseren Zertifikaten einen 403 Fehler beim Zugriff auf das Produktivsystem zurück.

Was können wir tun?

Hier unser Verlauf:

12.07.2021 Bitte zur Abnahme an [email protected]
20.07.2021 Durch Eskalation an Hr. M. haben wir schließlich Kontakt zu Jörg N. bekommen
22.07.2021 Nach mehrmaligen Versuchen haben wir Jörg N. erreicht und konnten einen Termin zur Abnahme für den 29.07.2021 vereinbaren.
29.07.2021 Erfolgreiche Abnahme durch Jörg N.
02.08.2021 Nachfrage bei Jörg N., da wir noch kein Zertifikat bekommen haben
04.08.2021 Rückfrage von Fr. S.: Hr. Roland P. denen wir unsere initiale CSR zugesendet hatten, ist nicht mehr im Team. Fr. S. hat daher bei uns erneut das CSR angefragt
05.08.2021 Zusendung des Client Zertifikates durch Lutz S. mit dem Hinweis, dass es 24 Stunden bis zur Freischaltung dauern kann
06.08.2021 Wir bekommen vom Produktivsystem immer noch eine 403 Meldung. Nachfrage bei Hr. Lutz S.
08.08.2021 Wir bekommen vom Produktivsystem immer noch eine 403 Meldung. Nachfrage bei Hr. Lutz S.
11.08.2021 Anfrage bei Fr. S. Hier haben wir die Rückmeldung bekommen, dass Herr Lutz S. in Urlaub ist
12.08.2021 Anfrage von Fr. S., ob unser Zertifikat die richtige Seriennummer hat

...

Zwichendurch haben wir mehrmalige Nachfragen an [email protected] gesendet ohne eine Antwort zu bekommen.

my hex is:

846A5369676E61747572653143A1012640590115A401624445041A60F1F9A5061A60EF56A5390103A101A4617481A9626369782955524E3A555643493A56313A44453A49495938423657513938344A4A3849554C304838564B5255444E62636F62444562697374526F62657274204B6F63682D496E737469747574626D61643133333362736374323032312D30372D31345431383A31383A30345A627463744A75657267656E7320546573747A656E7472756D62746769383430353339303036627472693236303431353030306274746A4C503231373139382D3363646F626A313938302D30312D3031636E616DA462666E6A4D75737465726D616E6E62676E654572696B6163666E746A4D55535445524D414E4E63676E74654552494B416376657265312E332E30

what is the CBOR:
{1: "DE", 4: 1626470821, 6: 1626298021, -260: {1: {"t": [{"ci": "URN:UVCI:V1:DE:IIY8B6WQ984JJ8IUL0H8VKRUDN", "co": "DE", "is": "Robert Koch-Institut", "ma": "1333", "sc": "2021-07-14T18:18:04Z", "tc": "Juergens Testzentrum", "tg": "840539006", "tr": "260415000", "tt": "LP217198-3"}], "dob": "1980-01-01", "nam": {"fn": "Mustermann", "gn": "Erika", "fnt": "MUSTERMANN", "gnt": "ERIKA"}, "ver": "1.3.0"}}}

If I send that to the WRU-Server i get valid response but if I check that on the IOS Testflight App I get the error "Dieser QR-Code ist kein gültiges Impfzertifikat (VC_HC_CWT_NO_ISS)".

For my understanding, Encryption and everything is fine but there might be a error in the DCC because the app tries to use that as a Vaccine-certifiate instead of a DCC?

Any hints?

Your Question

Der folgende Satz im Wiki macht keinen Sinn und sollte korrigiert werden:

Für den Zugang zum DCC-Server benötigen keine neue Clientzertifikate zu erstellen.

https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-an-CWA-mit-Verwendung-von-DCCs

Unter https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/FAQ#wie-ist-der-qr-code-aufgebaut-und-wird-die-cwa-guid-erzeugt wird erwähnt, dass in der verlinkten Seite https://github.com/corona-warn-app/cwa-quicktest-onboarding/wiki/Anbindung-der-Partnersysteme#erstellung-von-qr-codes-f%C3%BCr-corona-warn-app erkärt wird, wie die GUID aufgebaut ist. Allerdings ist das Wort GUID nicht auf der Seite vorhanden.

Frage: Was genau ist die GUID, welche wohl auch zur Übermittlung des Testergebnisses notwendig ist? Ist es der SHA256-Hash?

Vielen Dank

Your Question

There are quite many issues that are not answered in this repository.
Who is responsible for this? For which issues should this repository be used?

cc @dsarkar @heinezen 

Hallo an alle,
bin erfolgreich in der Testumebung aktiv und möchte ich einen "Namentlichen" QR-Code über über IOS Kamera scannen steht da:
"FEHLER - Der QR-Code kann keinen Schnelltest zugeordnet werden. Bitte scannen Sie einen geeigneten QR-Code.".

Scanne ich den Code über CWA-DEV-APP steht:
"QR-code ist ungültig - Der QR-Code ist ungültig oder wurde bereits auf einem Smartphone registriert. .... usw"

Scanne ich den mit der Liveversion auf einem anderen Gerät (nicht testflight) funktioniert der Code..... und es steht Ihr testergebnis steht noch nicht bereit.. oder so.

Ich erwähne noch schnell, dass die Pseudo anmeldung hervorragend klappt in jeder Konstellation.. auch mit Ergebnissen auf Testflight.
Ich kann mir das nicht erklären.

Das Funktioniert bestens:
$cwa_hash = strtolower (hash("sha256","$cwa_timestamp#$cwa_salt")); $cwa_TE = '{"timestamp":'.$cwa_timestamp.',"salt":"'.$cwa_salt.'","hash":"'.$cwa_hash.'"}';

Das erzeugt den Fehler:
$cwa_hash = strtolower (hash("sha256","$cwa_timestamp#$cwa_salt")); $cwa_TE = '{"timestamp":'.$cwa_timestamp.',"salt":"'.$cwa_salt.'","hash":"'.$cwa_hash.'"}';

zu Testzwecken sieht mein Code wie folgt aus:
`if($cwa == "cwaperso"){
// Perso
$cwa_hash = strtolower (hash("sha256","$cwa_dob#$cwa_fn#$cwa_ln#$cwa_timestamp#$cwa_testid#$cwa_salt"));
$cwa_TE = '{"fn":"'.$cwa_fn.'","ln":"'.$cwa_ln.'","dob":"'.$cwa_dob.'","timestamp":'.$cwa_timestamp.',"testid":"'.$cwa_testid.'","salt":"'.$cwa_salt.'","hash":"'.$cwa_hash.'"}';
}else{
// Pseudo Daten
$cwa_hash = strtolower (hash("sha256","$cwa_timestamp#$cwa_salt"));
$cwa_TE = '{"timestamp":'.$cwa_timestamp.',"salt":"'.$cwa_salt.'","hash":"'.$cwa_hash.'"}';
}

#$cwa_url = strtr( base64_encode($cwa_TE), '+/=', '-,' );
$cwa_url = base64_encode($cwa_TE);
$encode_mit_url = "https://s.coronawarn.app?v=1#$cwa_url";
QRcode::png($encode_mit_url, $tempDir.'cwa'.$cwa_testid.'.png', QR_ECLEVEL_H, 5);
$cwa_qrcode = ''.$tempDir.'cwa_'.$cwa_testid.'.png';
`

Hello,

i got my Production certificat but when i send result i am getting this error:

Array
(
    [curl_error_58] => unable to set private key file: '/usr/www/users/tickee/delta/frontend/web/xxx-prod.key' type PEM
)

why i am getting this error ?

• Source File:

             $resultCode = 0;
              if($model->result == "NEGATIVE"){
                  $resultCode = 6;
              }elseif($model->result == "POSITIVE"){
                  $resultCode = 7;
              }elseif($model->result == "UNGULTIG"){
                  $resultCode = 8;
              }

              $array=array();
              $array["testResults"]=array();
              $array["testResults"][]=array("id"=>$model->cwa_hash,"result"=>$resultCode, "sc" => $model->cwa_timestamp);
              $payload = json_encode($array);

              //print_r($payload);
             

              //Live
              $urlProd = "https://quicktest-result.coronawarn.app/api/v1/quicktest/results";
              $certProd = getcwd() . "/xxx-prod.schnelltestportal.de-Server-xxxx.cer";
              $certkeyProd = getcwd() . "/xxx-prod.key";
              

              //open connection
              $ch = curl_init();

              //set options
              curl_setopt($ch, CURLOPT_HEADER, true);
              curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-type: application/json"));
              curl_setopt($ch, CURLOPT_URL, $urlProd);
              curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
              curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
              curl_setopt($ch, CURLOPT_SSLCERT, $certProd);
              curl_setopt($ch, CURLOPT_SSLKEY, $certkeyProd);
              curl_setopt($ch, CURLOPT_SSLCERTPASSWD, '');
              curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'xxxxx');
              curl_setopt ($ch, CURLOPT_VERBOSE , 0);