Notices where this attachment appears
-
Embed this notice
silverpill (silverpill@mitra.social)'s status on Monday, 10-Feb-2025 05:49:50 JST 
silverpill
@mariusor It is not invalid, just unusual.
I enabled detailed logging on my server and posted an activity via C2S API as you suggested.
It appears that POST requests are signed by https://federated.id/#main. My server tries to load the https://federated.id/ actor and rejects it because it doesn't have a preferredUsername property (not required by AP, but very common and my server needs it). My server also expects signing key to be owned by activity actor, but I can change that if needed (same origin is ok). Finally, https://federated.id/#main is an RSA key :)
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.