topic Assist with TLS 1.2 check in Integration and Testing

Assist with TLS 1.2 check

dant — Tue, 12 Dec 2017 21:45:42 GMT

Our app in our staging environment connects successfully to A.net's sandbox and works as expected, but I'd like to double-verify we're connecting via TLS 1.2 in our stage and production environment prior to the Feb. 28 deadline.

On the Authorize.net PHP SDK page on GitHub (https://github.com/AuthorizeNet/sdk-php), the instructions below are offered for testing, but can you provide some advice on where to position this snippet to generate the response. For example, I positioned the snippet in the footer of the web app and this was the response: {"messages":{"resultCode":"Error","message":[{"code":"E00003","text":"Root element is missing."}]}} That leads me to believe it's not in the right context within the app.

I've inherited the app in question and still getting up-to-speed on it, so I appreciate a little extra direction.

Thanks!

To test whether your current installation is capable of communicating to our servers using TLS 1.2, run the following PHP code and examine the output for the TLS version:

<?php
    $ch = curl_init('https://apitest.authorize.net/xml/v1/request.api');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_VERBOSE, true);
    $data = curl_exec($ch);
    curl_close($ch);

Re: Assist with TLS 1.2 check

Anurag — Wed, 13 Dec 2017 03:52:46 GMT

Hi @dant

The below link should be helpful in it .

https://stackoverflow.com/questions/27904854/verify-if-curl-is-using-tls

Re: Assist with TLS 1.2 check

bhav — Wed, 13 Dec 2017 03:59:15 GMT

@Anurag you beat me to it :-)

@dant Please look into the link for similar issue that got resolved for root element missing issue - https://community.developer.authorize.net/t5/Integration-and-Testing/XML-Problem-E00003-Root-Element-Is-Missing/m-p/31570#M16449

Re: Assist with TLS 1.2 check

dant — Wed, 13 Dec 2017 18:30:15 GMT

Thanks for the info, but I still haven't broken through. Here's how I have the test constructed now:

	<?php	
		$ch = curl_init('https://apitest.authorize.net/xml/v1/request.api');
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		curl_setopt($ch, CURLOPT_VERBOSE, true);
		$data = curl_exec($ch);
		curl_close($ch);
		$json = json_decode($data);
		echo "TLS info: " . $json->tls_version;
		echo "<br>";
		$curl_info = curl_version();
		echo "Curl info: " . $curl_info['ssl_version'];	
	?>

Which returns:

TLS info:
Curl info: NSS/3.28.4

When I swap in a new endpoint in place of A.net test as follows:

	<?php	
		$ch = curl_init('https://www.howsmyssl.com/a/check');
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		curl_setopt($ch, CURLOPT_VERBOSE, true);
		$data = curl_exec($ch);
		curl_close($ch);
		$json = json_decode($data);
		echo "TLS info: " . $json->tls_version;
		echo "<br>";
		$curl_info = curl_version();
		echo "Curl info: " . $curl_info['ssl_version'];	
	?>

It returns:

TLS info: TLS 1.2
Curl info: NSS/3.28.4

Which looks to me like the code is correct (and we're good with CURL version) but the connection to https://apitest.authorize.net/xml/v1/request.api isn't happening or a response isn't being sent back.

Any thoughts?

Re: Assist with TLS 1.2 check

NexusSoftware — Thu, 14 Dec 2017 19:19:37 GMT

Hello @dant,

Using https://apitest.authorize.net/xml/v1/request.api as an endpoint, isn't going to return any TLS information, because that is not part of their JSON response.

Considering your response from https://www.howsmyssl.com/a/check, it looks like your TLS is fine.

The response of {"resultCode":"Error","message":[{"code":"E00003","text":"Root element is missing."}]}} is due to the appropriate XML not being posted as part of that particular request.

To be sure your production environment is ready for the TLS change, just use the sandbox endpoint and login information with your application in your production environment. If you receive a successful response, you are good to go.