developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Ask a question

Another TLS Assist Request/Question

View the SolutionThis topic has been marked as solved.

According to this:

 

https://community.developer.authorize.net/t5/Integration-and-Testing/Sandbox-URL-to-test-TLS-Update/...

 

it would appear that transaction requests submitted to https://test.authorize.net/gateway/transact.dll cannot complete if the submitting application is not TLS 1.2 compliant.

 

Have I understood this correctly?

 

My application is compiled with Visual Studio 2010 and .NET 4, which, as I understand it anyway, requires a hack to make it work with TLS 1.2. For example, I've read that if the following code (bolded) is implemented in the global.asax file of a .NET 4 application, it will use the proper protocol without incident:

 

protected void Application_Start(Object sender, EventArgs e)
        {
            // Enforce the security protocol to TLS 1.2

            //System.Net.ServicePointManager.SecurityProtocol = (System.Net.SecurityProtocolType)3072;

            Application["TotalUsers"] = 0;
            Application["CurrentUsers"] = 0;
        }

 

My quandry has to do with the fact that I just placed my app in test mode, which tests transactions against https://test.authorize.net/gateway/transact.dll and the test went through fine, i.e., I got a TEST MODE receipt from both Authorize.Net and my application.

 

As you can see, however, the required code is commented out, meaning it shouldn't have been capable of utilizing TLS 1.2?

 

I'm concerned I'm not seeing something correctly here.

 

Any help is appreciated.

 

1 person had this problem.
sycomputing
Member

โ€Ž01-25-2018 01:18 PM

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

View the SolutionThis topic has been marked as solved.

Yes if the same version of the application running on sandbox is also on the production . 

 

Also we are doing  temporary disablement of TLS 1.1/1.0 on production  on one of the following dates and time:

 

  • Akamai-enabled API connections will occur on January 30, 2018 between 9:00 AM and 1:00 PM Pacific time.

 

  • All other API connections will occur on February 8, 2018 between 11:00 AM and 1:00 PM Pacific time

 

You can monitor your system during these time to check if any issues are coming . 

 

 

Thanks





Send feedback at developer_feedback@authorize.net

View solution in original post

Anurag
Moderator Moderator
Moderator
In response to sycomputing

โ€Ž01-25-2018 10:26 PM - edited โ€Ž01-25-2018 10:27 PM

0 Kudos
5 REPLIES 5

View the SolutionThis topic has been marked as solved.

So this message from Richard in the thread I cited above is NOT true?

 

Re: Sandbox URL to test TLS Update
 
Options
 

โ€Ž05-06-2017 08:09 PM

@redbrad0 The endpoint https://test.authorize.net/gateway/transact.dll is now configured to only accept TLS 1.2 connections.

 

https://www.ssllabs.com/ssltest/analyze.html?d=test.authorize.net&latest

 

Richard

sycomputing
Member

โ€Ž01-25-2018 03:39 PM

0 Kudos

View the SolutionThis topic has been marked as solved.

Hi @sycomputing

 

 

 TLS 1.2 is enabled for sandbox  already  . 

 

https://www.ssllabs.com/ssltest/analyze.html?d=test.authorize.net

 

We are going to disable TLS 1.0/1.1 for production url  on Feb 28 , 2018 .

 

 

 

 

 





Send feedback at developer_feedback@authorize.net
Anurag
Moderator Moderator
Moderator
In response to sycomputing

โ€Ž01-25-2018 03:58 PM

View the SolutionThis topic has been marked as solved.

Hi Anurag:

 

Thanks for your reply.

 

Then as I understand you, if my application using AIM currently successfully submits transactions via the sandbox at -

 

https://test.authorize.net/gateway/transact.dll

 

- then transactions at the production URL -

 

https://secure.authorize.net/gateway/transact.dll

 

will succeed after Feb 28th with no futher code modification on my part?

 

Is this correct?

sycomputing
Member
In response to Anurag

โ€Ž01-25-2018 04:19 PM

View the SolutionThis topic has been marked as solved.

Yes if the same version of the application running on sandbox is also on the production . 

 

Also we are doing  temporary disablement of TLS 1.1/1.0 on production  on one of the following dates and time:

 

  • Akamai-enabled API connections will occur on January 30, 2018 between 9:00 AM and 1:00 PM Pacific time.

 

  • All other API connections will occur on February 8, 2018 between 11:00 AM and 1:00 PM Pacific time

 

You can monitor your system during these time to check if any issues are coming . 

 

 

Thanks





Send feedback at developer_feedback@authorize.net
Anurag
Moderator Moderator
Moderator
In response to sycomputing

โ€Ž01-25-2018 10:26 PM - edited โ€Ž01-25-2018 10:27 PM

0 Kudos

View the SolutionThis topic has been marked as solved.

Thank you!

sycomputing
Member
In response to Anurag

โ€Ž01-26-2018 07:41 AM

Copyright © 2024 Khoros, LLC