Based on the documentation for DPM, it appears there is no issue with using an HTTPS address in "x_relay_url." I have DPM up and running with HTTP. When I switch my site over to HTTPS, which changes to the relay address to HTTPS, the relay does not compelete.
Any ideas where I could have gone wronog?
04-23-2012 11:39 AM
Was helping another user with a new test account.
I'm also getting
An error occurred while trying to report this transaction to the merchant. An e-mail has been sent to the merchant informing them of the error. The following is the result of the attempt to charge your credit card. This transaction has been approved. It is advisable for you to contact the merchant to verify that you will receive the product or service.
On the new account.
But on the old test account I'm getting
(14) The referrer, relay response or receipt link URL is invalid.
So, if it possible, even if you didn't do for HTTP, just log-in to your merchant and add your HTTPS URL to the valid URL. So we can rule it out as the problem.
04-25-2012 11:39 AM - edited 04-25-2012 11:40 AM
The SSL certificate is a single domain, standard SSL from GoDaddy.
I obtained a script to test for the cypher's my site supports here
Here are the results
Obtaining cipher list from OpenSSL 0.9.8o 01 Jun 2010. Testing ADH-AES256-SHA...NO (sslv3 alert handshake failure) Testing DHE-RSA-AES256-SHA...YES Testing DHE-DSS-AES256-SHA...NO (sslv3 alert handshake failure) Testing AES256-SHA...YES Testing ADH-AES128-SHA...NO (sslv3 alert handshake failure) Testing DHE-RSA-AES128-SHA...YES Testing DHE-DSS-AES128-SHA...NO (sslv3 alert handshake failure) Testing AES128-SHA...YES Testing ADH-DES-CBC3-SHA...NO (sslv3 alert handshake failure) Testing ADH-DES-CBC-SHA...NO (sslv3 alert handshake failure) Testing EXP-ADH-DES-CBC-SHA...NO (sslv3 alert handshake failure) Testing ADH-RC4-MD5...NO (sslv3 alert handshake failure) Testing EXP-ADH-RC4-MD5...NO (sslv3 alert handshake failure) Testing EDH-RSA-DES-CBC3-SHA...YES Testing EDH-RSA-DES-CBC-SHA...YES Testing EXP-EDH-RSA-DES-CBC-SHA...NO (sslv3 alert handshake failure) Testing EDH-DSS-DES-CBC3-SHA...NO (sslv3 alert handshake failure) Testing EDH-DSS-DES-CBC-SHA...NO (sslv3 alert handshake failure) Testing EXP-EDH-DSS-DES-CBC-SHA...NO (sslv3 alert handshake failure) Testing DES-CBC3-SHA...YES Testing DES-CBC-SHA...YES Testing EXP-DES-CBC-SHA...NO (sslv3 alert handshake failure) Testing EXP-RC2-CBC-MD5...NO (sslv3 alert handshake failure) Testing RC4-SHA...YES Testing RC4-MD5...YES Testing EXP-RC4-MD5...NO (sslv3 alert handshake failure) Testing DES-CBC3-MD5...NO (no ciphers available) Testing DES-CBC-MD5...NO (no ciphers available) Testing EXP-RC2-CBC-MD5...NO (sslv3 alert handshake failure) Testing RC2-CBC-MD5...NO (no ciphers available) Testing EXP-RC4-MD5...NO (sslv3 alert handshake failure) Testing RC4-MD5...YES Testing NULL-SHA...NO (sslv3 alert handshake failure) Testing NULL-MD5...NO (sslv3 alert handshake failure)
I see DES listed a couple times. Do you happen to know which is the one that I need to have?
04-25-2012 12:26 PM
Ok, I added a Default Relay Response URL, which still genrates the
An error occurred while trying to report this transaction to the merchant. An e-mail has been sent to the merchant informing them of the error. The following is the result of the attempt to charge your credit card. This transaction has been approved. It is advisable for you to contact the merchant to verify that you will receive the product or service.
04-25-2012 12:43 PM
I see DES listed a couple times. Do you happen to know which is the one that I need to have?
Have to wait for one of the Mod for that.
What kind of logic do you have on the relay response page?
How long do it ususaly take before you see the "An error occurred while trying to ...." error? 5 seconds? 10 seconds?
04-25-2012 01:48 PM
I'm getting a response in 2-3 seconds.
My processing logic looks up the transaction from the database to verify that the details are valid (I supposed I could pass this off to the order complete page). It then records the transaction response to a log file, generates the redirect url and calls Authorize.net back with
echo AuthorizeNetDPM::getRelayResponseSnippet($returnUrl);
Somewhat as a side note, I've also noticed that running my site in HTTP is generating the following now
3,2,14,(TESTMODE) The referrer, relay response or receipt link URL is invalid.,000000,P,0,,,10.00,,auth_capture,,,,,,,,,,,,,,,,,,,,,,,,,,B97E73F8AE4861BC774223E9C5B01D78,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,Purchase
I'm not sure what's going on here, since I can access that page directly from the web.
04-27-2012 01:59 PM
If it timeout that fast, it probably mean authorize.net can't connect to your HTTPS page for some reason.
The 3,2,14 error is because I ask you to add the HTTPS to your valid relay response url. Remove it from your account and it should go away.
04-27-2012 03:13 PM
The issue does seem to be that authorize.net can't connect to my HTTPS page. I'm not having much luck figuring out why, however.
As far as I can tell, the relay response from authorize.net isn't hitting my server.
Based on the link you pointed out, I tried updating my settings to
SSLEngine on SSLProtocol TLSv1 SSLCipherSuite AES:DES-CBC3-SHA CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
In the resulting ssl_request_log, I show that my checkout page is accessed through SSL, but the relay url request doesn't show up.
I can copy and past the x_relay_url from my checkout page in to the browser and it works just fine (and shows up in ssl_request_log).
Any ideas where I can go from here?
05-14-2012 09:03 PM
Actually, the error 14 that you are receiving doesn't indicate an error loading your relay response page, it is telling us that the relay response URL that you are submitting is not allowed for this account. By default, Authorize.Net accounts will allow developers to submit any relay response URL, but the account settings also allow you to specify a default relay response URL along with a longer list of allowed Response/Receipt URLs. Once you have configured these settings, it establishes a kind of whitelist of allowed relay response urls for the account.
The error that you are receiving indicates that at least one Response/Receipt URL has been specified in your account settings, and that it does not match what you are trying to use in your DPM request. There are two resolutions for this:
05-16-2012 03:36 PM