Hi,
I am having an issue with Sandbox working everytime and Production failing every time.
For Sandbox I use the following code in php:
<?php
$xmlContent = '<createTransactionRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
<merchantAuthentication>
<name>327zFYy6</name>
<transactionKey>7A66szz53F6N67YK</transactionKey>
</merchantAuthentication>
<transactionRequest>
<transactionType>authCaptureTransaction</transactionType>
<amount>2.70</amount>
<payment>
<creditCard>
<cardNumber>xxxxxxxxxxxxxxxx</cardNumber> I used a real credit card
<expirationDate>1119</expirationDate>
<cardCode>002</cardCode>
</creditCard>
</payment>
<customer>
<id>Ryan Moore</id>
</customer>
<billTo>
<firstName>Ryan</firstName>
<lastName>Moore</lastName>
<address>3780 Rosin Court</address>
<city>Sacramento</city>
<state>CA</state>
<zip>95834</zip>
<country>USA</country>
</billTo>
<transactionSettings>
</transactionSettings>
</transactionRequest>
</createTransactionRequest>';
$url = 'https://apitest.authorize.net/xml/v1/request.api';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt($ch, CURLOPT_POSTFIELDS, $xmlContent);
$result = curl_exec($ch);
//echo "<pre> Result Array: <br>";
//print_r($result);
//echo "<pre>";
echo "Result: " . $result . "<br>";
echo "<br>";
$err_status = curl_error($ch);
echo "Err Status: " . $err_status . "<br>";
curl_close($ch);
echo "URL: " . $url . "<br>";
$curl_info = curl_version();
echo "SSL: " . $curl_info['ssl_version'] . "<br>";
$ch = curl_init('https://www.howsmyssl.com/a/check');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);
curl_close($ch);
$json = json_decode($data);
echo "TLS: " . $json->tls_version ."<br>";
?>
I get:
Result: OkI00001Successful. 1FQ6V8EYP2400256621287ECA7D1F270049DF9846976B8B3F5A3F0XXXX0027MasterCard1This transaction has been approved.
Err Status:
URL: https://apitest.authorize.net/xml/v1/request.api
SSL: OpenSSL/1.0.2m
TLS: TLS 1.2
----------------------------------------------------------------------------------------------
For Production I changed only the following three lines. I used my live 11 digit account id and live transaction key. I changed from apitest to api for the url.
<name>xxxxxxxxxxx</name>
<transactionKey>xxxxxxxxxxxxxxxx</transactionKey>
$url = 'https://api.authorize.net/xml/v1/request.api';
I get:
Result:
Err Status: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to api.authorize.net:443
URL: https://api.authorize.net/xml/v1/request.api
SSL: OpenSSL/1.0.2m
TLS: TLS 1.2
02-21-2019 02:47 PM
Hi ryantmoore,
This sounds like a cert or OpenSSL issue, based on what you are describing, but I'm including some basic server configuration best practices advisements below as well.
If you are using a PHP SDK, make sure you are using the most recent version found at https://github.com/AuthorizeNet/sdk-php, or at least the most recent version of the cert.pem file found in the PHP SDK.
What are the current Best Practices that should follow for browser and/or setting up a new server-to-server that relies on TLS to secure the connection?
Only TLS 1.2 should be used. Earlier versions are no longer supported. With TLS 1.2 protocol, any modern cipher suites maybe used to initiate the secure handshake but there are some preferred configurations:
For browsers using modern/up-to-date browsers that support TLS 1.2 is required. It is recommend to have auto update enabled to ensure your browser is kept up-to-date. It is also recommend to keep your Operating System (OS) patched and up-to-date with patches and security fixes.
How can I find out what protocols and ciphers Authorize.Net currently supports?
For cipher support ECDHE and AESGCM are preferred, SHA-1 ciphers will be not be supported as of 01/15/2019. For a full list/report SSL Labs report can be run to see and verify TLS version and ciphers supported. Please see below for a matrix of reports available, by API endpoint and environment.
I hope this information is helpful.
Thank you,
Elaine
03-07-2019 12:15 AM