sign-message on php 8.3
9 views
Skip to first unread message
micro passion 76
Sep 16, 2025, 3:57:55 AM (11 days ago) Sep 16
to qz-p...@googlegroups.com
Hi QZ Tray Team,
I encountered an issue after upgrading my server from PHP 7.3 to PHP 8.3.
Previously, I used:
openssl_sign($req, $signature, $privateKey);
to sign requests, and QZ Tray accepted the signature.
In PHP 8.3, this is deprecated, so I changed to:
openssl_sign($data, $signature, $privateKey,
OPENSSL_ALGO_SHA256);
However, QZ Tray does not recognize this signature.
I understand that QZ Tray only accepts SHA1withRSA signatures.
With PHP 8.3 + OpenSSL 3.x, I am unable to generate SHA1withRSA signatures because SHA1 is disabled by default in OpenSSL 3.x for security reasons.
Could you please confirm the recommended approach to generate SHA1withRSA signatures compatible with QZ Tray on modern PHP/OpenSSL versions?
Thank you for your support.
Best regards,
Lite Finocchiaro
Sep 16, 2025, 11:29:34 AM (10 days ago) Sep 16
to micro passion 76, qz-p...@googlegroups.com
I understand that QZ Tray only accepts SHA1withRSA signatures.
What version of QZ-Tray are you using?
What version of qz-tray.js on the server?
QZ-Tray has supported more complex signature algorithms since 2.1.0:
We have also recommended SHA512 in our PHP example for a while now:
I would recommend using the most recent qz-tray.js and adding the qz.security.setSignatureAlgorithm() function; I believe this will solve your problem.
Please let us know if this problem persists, and we'll attempt to reproduce using the most recent libraries.
Kind regards,
Lite Finocchiaro
VP, QZ Industries
--
You received this message because you are subscribed to the Google Groups "qz-print" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qz-print+u...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/qz-print/f9fdd225-b5a2-41b0-ac2b-a033b51c1669%40micropassion76.com.
Tres Finocchiaro
Sep 16, 2025, 3:44:46 PM (10 days ago) Sep 16
to micro passion 76, qz-p...@googlegroups.com
Per https://qz.io/docs/signing#setsignaturepromise
qz.security.setSignatureAlgorithm("SHA256"); // ^--- Add this to your JavaScript code qz.security.setSignaturePromise(function(toSign) { // ... });
On Tue, Sep 16, 2025 at 3:57 AM 'micro passion 76' via qz-print <qz-p...@googlegroups.com> wrote:
sylvain haudegond
Sep 17, 2025, 10:25:59 AM (9 days ago) Sep 17
to qz-print
thanks for your help
qz.security.setSignatureAlgorithm("SHA256"); was the good way !
i have also updating
qz-tray.js
and use
fetch(".../sign-message.php?request=" + toSign, {cache: 'no-store', headers: {'Content-Type': 'text/plain'}})rather than
$.post(".../sign-message.php", {request: toSign}).then(resolve, reject);
Now, its working !
PS :
I understand that QZ Tray only accepts SHA1withRSA
signatures.
chatgpt says stupid things sometimes ...
Tres Finocchiaro
Sep 17, 2025, 10:40:19 AM (9 days ago) Sep 17
to sylvain haudegond, qz-print
PS : I understand that QZ Tray [...] accepts [more than] SHA1withRSA signatures. chatgpt says stupid things sometimes ...
Agreed. :D
Reply all
Reply to author
Forward
0 new messages