In an attempt to create relay server for ActivityPub I’ve run into issues. Hoping someone can point me in the right direction that has been through this dance before. Currently stuck on getting the http-signature to be valid when posting the ‘Accept’ for the follow from an instance. I’ve managed to get through the need for a digest header: {"error":"Mastodon requires the Digest header to be signed when doing a POST request"}
And when the header is incorrect: {"error":"Invalid Digest value. Computed SHA-256 digest: hSInFnh/+nfXvO53Y3B9Lzw/lYTlcDLVmW6ip1bQJCQ=; given: bOyqyOOL8CAIp2xBpSwWgsBOQSCFYVwxZ8pIN2Nseg0="}
And when the webfinger config was wrong: {"error":"Webfinger error when resolving relay@acctrelay.moth.social: Request for acct:relay@acctrelay.moth.social returned HTTP 404"}
The current error returning from the instance is: {"error":"Verification failed for relay@acctrelay.moth.social https://acctrelay.moth.social/actor using rsa-sha256 (RSASSA-PKCS1-v1_5 with SHA-256)","signed_string":"(request-target): post /inbox\nhost: staging.moth.social\ndate: Wed, 21 Jun 2023 22:38:44 GMT\ndigest: SHA-256=IuHD2Uc886zZlkrLZj02yFu1hSI9ZRC9DSkdb2Hmt8o=","signature":"WxmM3/iz2I//mJmoD9Hhz7iZvkaOP6XLtmF0e30NqFB+wvePMUryNpp9o0Wzv1rv1vaKYCuENStCgZ2YIXfpaVJcJEV5iNvqeA84BCmARYEMJHgWDG9S/xWIHLloVwIMHibpyWNh/aLVaXjzOLNn2svEiFux0UgySOvh7hEU1FhmH7SLajlwrtl5uSTbjKCFSUxq/nux6FUcgQFBTDuRiBnf82hNBkedMWBSlzP/0zDDANi0rOKvKYnQ14dfWjnRfxCCppFD8EqCubdS7epMmBLmE6V9IM4U8zbx3bZ8qLYBij9tKDPwMzarHh/EPdX9Y7qVup6tWKQRvsbPeramQQ=="}
This one I haven’t resolved, and I’m running low on ideas. My best guess is it’s a mismatch with my privatePEM and the publicPEM that the instance is getting from the relay’s /actor endpoint. Maybe? My next question is what other dragons lurk in this setup that I need to be mindful of? Here’s a gist of what simplified service I am trying, ActivityPub HTTP Signature and POST activity · GitHub
I’ve gathered a several resources that have been helpful in getting me this far.