1 files changed, 7 insertions, 7 deletions

diff --git a/registry/registry.go b/registry/registry.go
index 5f128f5..01d92c7 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -266,6 +266,12 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
 	request.Header.Set("Content-Type", "application/activity+json")
 	request.Header.Set("Host", url.Host)
 
+	h := sha256.New()
+	h.Write(jsonData)
+	digestHeader := base64.StdEncoding.EncodeToString(h.Sum(nil))
+	request.Header.Add("Digest", "SHA-256="+digestHeader)
+	request.Header.Add("Content-Type", "application/activity+json")
+
 	r.log.With(
 		"type",
 		"delivery",
@@ -280,7 +286,7 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
 		request.Header.Get("host"),
 	).Debugf("signing request")
 
-	signed_string := fmt.Sprintf("(request-target): post %s\nhost: %s\ndate: %s", url.Path, url.Host, date)
+	signed_string := fmt.Sprintf("(request-target): post %s\ncontent-type: %s\ndate: %s\ndigest: %s\nhost: %s", url.Path, request.Header.Get("Content-Type"), date, digestHeader, url.Host)
 
 	digest := sha256.New()
 	digest.Write([]byte(signed_string))
@@ -291,13 +297,7 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
 	r.mu.Unlock()
 
 	b64sig := base64.StdEncoding.EncodeToString(signature)
-
-	h := sha256.New()
-	h.Write(jsonData)
 	var header = `keyId="` + actorKeyUrl.String() + `",algorithm="rsa-sha256",headers="(request-target) content-type date digest host",signature="` + b64sig + `"`
-
-	request.Header.Add("Digest", "SHA-256="+base64.StdEncoding.EncodeToString(h.Sum(nil)))
-	request.Header.Add("Content-Type", "application/activity+json")
 	request.Header.Add("Signature", header)
 
 	//http sig signing code - broken?