#Kamiyabali-webhook
dire robin
versed swift
Php SDK
dusty cove
Hi @versed swift I'm taking over, is it about signature verification?
versed swift
yes
I have webhook_secret like this we_1LeZ8BSAvJMUlJgAGOD77zPs
is this correct ??
cause everyone has secret start with
whsec_
okay , i found iam using wrong signing secret.
dusty cove
no, we_xxx is not a webhook secret.
versed swift
let me check with this whsec_8XNdl1BGm14Xs5Skz6tZ8nO4QWvEtlEd
still got this No signatures found matching the expected signature for payload
stripe-signature:
t=1662441040,v1=a7ab5589af994cacee5c978274bf2f0031a4757900c20ff6e21d26312db92041,v0=d60867f09d96965ba8fb1aa6d9fdb40b0f0b44ed7b899c4ecc03471766cf7710
versed swift
Hello ???
dusty cove
Thanks for the waiting. Discord is busy.
Did you get the webhook secret from CLI or Dashboard?
so CLI or Dashboard?
versed swift
dashboard
versed swift
still got this No signatures found matching the expected signature for payload
i got this details
can you check from your end ??
dusty cove
Yes I'm checking
please also remove webhook secret from this chat, discord is a public place
Can you share with me the full source code?
dusty cove
text file please
versed swift
dusty cove
Can you change $sig_header = $request->header('stripe-signature'); to
$sig_header = $_SERVER['HTTP_STRIPE_SIGNATURE']; ?
dusty cove
Also change $payload = file_get_contents('php://input'); to $payload = @file_get_contents('php://input');
versed swift
still same issue.
dusty cove
can you do a echo $sig_header and see what you get?
versed swift
string(148) "t=1662441040,v1=a7ab5589af994cacee5c978274bf2f0031a4757900c20ff6e21d26312db92041,v0=d60867f09d96965ba8fb1aa6d9fdb40b0f0b44ed7b899c4ecc03471766cf7710"
dusty cove
I know I've asked, but can you do a echo $endpoint_secret and see if it returns the correct webhook secret? You don't need to paste the result here.
versed swift
yes it returns correct
dusty cove
Your code looks OK to me, it should work if the webhook secret is set correctly.
versed swift
I am sure about the webhook secret it is correct
Can you tell me how can i verify it manually?
i have tried this but not verified
dusty cove
Here's the doc for verifying manually https://stripe.com/docs/webhooks/signatures#verify-manually
But I really recommend you to use the official library instead of doing it manually.
versed swift
Here's the doc for verifying manually https://stripe.com/docs/webhooks/signature...
Tried already but not not match signature
versed swift
is there any problem of not activating payments ??
dusty cove
What do you mean by not activating payments ?
versed swift
dusty cove
Ah, this is about activating your account.
You need to activate if you want to switch to live mode, but you can continue in test mode without activating
versed swift
so signature verification working fine in test mode right ??
dusty cove
Yes, it will work in test mode
Can i suggest you to write in to us ( https://support.stripe.com/contact) and send us the whole project so that we can reproduce the problem?
versed swift
is there any use of this webhook ID ?
dusty cove
You can use this ID to programmatically manage the webhook endpoint (https://stripe.com/docs/api/webhook_endpoints/update?lang=cli#update_webhook_endpoint)