Prerequisites Malaysia

Obtaining ClientID and Client Secret

The Taxpayer has to request credentials for sandbox and production via e-mail to sdkmyinvois@hasil.gov.my while providing the following information:

The Taxpayer must acquire 1 certificate per tax ID from one of the licensed certification authorities listed here:

The certificate must be a valid X.509 soft certificate that matches the profile explained below:

Certificate distinguished name must have elements listed in the table below:

Common name (CN) [OID 2.5.4.3] – The company or organization name.
Country (C) [OID 2.5.4.6] – The country of the organization – 2-letter ISO code.
Email (E) [OID 1.2.840.113549.1.9.1] – (Optional) an email for the organization.
Organization (O) [OID 2.5.4.10] – The company or organization name.
Organization identifier [OID 2.5.4.97] – The Tax Identification Number of the organization (TIN).
Organization Unit (OU) [OID 2.5.4.11] – (Optional) A value representing an organization unit in the organization.
Serial number (serialNumber) [OID 2.5.4.5] – The business registration number (BRN) of the organization that is linked to the TIN provided above.

To ensure digital signature level, following certificate extensions must be set:

Key Usage – “Non-Repudiation (40)”. Note that additional key usages can also be specified, but “Non-Repudiation (40)” must be present.
Enhanced Key Usage (aka Extended Key Usage) – “Document Signing (1.3.6.1.4.1.311.10.3.12)”. Note that additional enhanced key usages (e.g., “Secure Email (1.3.6.1.5.5.7.3.4)”) can also be specified, but “Document Signing (1.3.6.1.4.1.311.10.3.12)” must be present.

Once the Certificate, ClientID and Client Secret is obtained the information must be provided to the Retarus Implementation Engineer.