RedTrust KSP with TLS 1.2 Client Certificate

The EVOLIUM REDTRUST CSP is not capable of signing a non-hash. In other words, it’s not possible to do TLS 1.2 with client certificates with the RedTrust KSP. This is a common problem in CSP/KSP implementations.  They assume that everything to be signed is a hash, such as SHA1, SHA256, SHA384, SHA512, and require the hash algorithm to be specified […]

InvalidAuthenticationToken message IDX14100 JWT is not well formed, there are no dots

Question: When I try to send: Set resp = http.PostJson2(“”,”application/json”,json.Emit()) I am getting this response: { “error”: { “code”: “InvalidAuthenticationToken”, “message”: “IDX14100: JWT is not well formed, there are no dots (.). The token needs to be in JWS or JWE Compact Serialization Format. (JWS): ‘EncodedHeader.EndcodedPayload.EncodedSignature’. (JWE): ‘EncodedProtectedHeader.EncodedEncryptedKey.EncodedInitializationVector.EncodedCiphertext.EncodedAuthenticationTag’.”, “innerError”: { “date”: “2024-05-13T15:26:14”, “request-id”: “…”, “client-request-id”: “…” } } } Failed, […]

Malaysia E-Invoicing (MyInvois) User Questions Answered

(Questions paraphrased and published here with prior permission from the user.) Question 1 Our application is file-server based which can be accessed by multiple users over LAN. Quite likely, there will be multiple users and/or applications submitting their e-invoices. Can one certificate file be shared and used by multiple applications? What are the differences between the two certificate types and […]

PEPPOL 403 Forbidden Problem Solved

The PEPPOL test server at requires the “User-Agent” header field to be present.  For example, a GET request to /v1/peppol/status  is successful if the User-Agent header is present, and the returned response is: HTTP/1.1 200 OK Date: Thu, 09 May 2024 12:28:34 GMT Content-Type: text/html; charset=utf-8 Content-Length: 42 Connection: keep-alive x-amzn-RequestId: **** access-control-allow-origin: * x-amzn-Remapped-content-length: 42 x-amz-apigw-id: **** etag: […]

What Replaced Old Chilkat Async Methods?

In the distant past, there were some Chilkat classes that had a few ad-hoc Async methods and properties.  For example, the Ftp2 class contained the methods AsyncPutFileStart, AsyncGetFileStart, AsyncAppendFileStart, and properties such as AsyncFinished, AsyncSuccess, and AsyncLog. A number of years ago, these were replaced with a consistent and standard async model that applies to any Chilkat method in any […]

Adobe Acrobat DC — Fixing up Form Fields?

A Chilkat customer signed a PDF using the Chilkat API. There were no errors, and the output PDF seemed to be signed. Using the Chilkat API to verify the signed PDF was also successful. Chilkat could see the signature and validated it successfully. However, the signature in the signed PDF could not be seen in Adobe Acrobat DC. When the […]

XmlDSig Error: Did not find same-document Reference Id

If signing XML fails with the following message in the LastErrorText: … Doing first SAX parse… checkAllReferencesFound: passNumber: 1 reference: Did not find same-document Reference Id referenceId: id-1234567890 –reference –checkAllReferencesFound … It means there was no XML element in the XML you were trying to sign that has an Id attribute with the given value. For example, your source code […]

Office365 – 451 4.7.0 Temporary server error. Please try again later. PRX5

A Chilkat user is getting this error response from He successfully got his OAuth2 access token, but then when trying to send the email, the Office365 server responded with this error indicating a temporary problem: “451 4.7.0 Temporary server error. Please try again later. PRX5 …” This is not an error caused because of the Chilkat implementation. Some temporary […]

How to Upload a .zip to Firebase Storage

Many developers would like to interact with Firebase from programming languages or operating systems that are not directly supported by Google. For example, looking at the documentation here:, we can see how to interact with Firebase storage from iOS+, Android, C++, etc. using Google’s SDK. Unless we know the actual raw HTTP requests and responses, we can’t implement from […]