developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Ask a question

DPM works with SSL intermittently in live account;OK without SSL, or with SSL in Developer Account

This is an update to our original post at:

http://community.developer.authorize.net/t5/Integration-and-Testing/DPM-only-working-intermittently-...

 

  • With DPM, a developer account, and using an SSL link for the relay response we ran hundreds of transaction with no AN issues
  • With DPM - same code, a live customer account, and using a SSLlink for the relay response, at least 10% of our transaction submittals time out with no repsonse from AN (no log entries)
  • With DPM, a live customer account, and using an non-SSLlink for the relay response, all transactions seem to be working as intended.

Our conclusions:

  • Developer accounts and live accounts respond differently to the same situations and code
  • There are SSL issues we do not understand on a live account, but not on a developer account.

We have checked our SSL certificate at:

http://www.digicert.com/help/ and

https://www.ssllabs.com/ssltest/analyze.html

 

and do not see any issues but then we are not sure what to look for. There is nothing in the AN documentation about this so any help resolving this issue would be appreciated.

 

Thanks.

 

StephenS
Contributor

โ€Ž08-01-2012 12:36 PM

0 Kudos
26 REPLIES 26

We have been experiencing the same issue since we changed the certificate to digicert. The problem occurred right after we switch the certificate.  

 

Which CA are you using? 

ragnarok77
Member

โ€Ž08-01-2012 02:50 PM - edited โ€Ž08-01-2012 02:50 PM

0 Kudos

We use SecureTrust.

 

Does it work on a developer (test) account? That is one of the confusing items.

StephenS
Contributor
In response to ragnarok77

โ€Ž08-01-2012 03:20 PM

0 Kudos

It definitely works on test account. We've been using SIM (similar to DPM) for two years. We only started to see these timeout errors two weeks ago, right after we changed CA. The failure rate is about 10%. 

 

Before that the system was pretty solid. My guess is that Authorize.net uses a large farm of servers to send relay messages. And some of their servers don't have certain root CAs installed.

 

We used Wireshark to capture the traffic. For those failed transactions, Authorize.net tried to negotiated the certificate. However after negotiation is done, they never sent us the actual relay message, very like because they don't trust the certificate.  

ragnarok77
Member
In response to StephenS

โ€Ž08-01-2012 04:27 PM

0 Kudos

We've been using AIM for ten years with no issues. And we have used SIM as an intermediate step to DPM. Have converted to DPM to help with PCI compliance.

 

I have a ticket in AN support but have not had a response in 48 hours -- not what you would expect! I am suprised a moderator from AN has not responded here to. AN need to help by providing some documentation on this.

 

I see others have also had issues with SSL. We have spent two weeks trying to troubleshoot this, and seeing the difference between developer and live accounts, and SSL and no SSL, would clearly indicate that AN have a problem and that relying on developer accounts for development can lead to real problems. As you say, the servers in their farm are probably not equal.

StephenS
Contributor
In response to ragnarok77

โ€Ž08-01-2012 04:46 PM

0 Kudos

@ragnarok7 @StephenS

 

I've been watching this thread with great interest, but don't yet have any specific information on a solution, so please stay tuned while we dig a little more into your reports.

 

Richard

 


RichardH
Administrator Administrator
Administrator
In response to StephenS

โ€Ž08-01-2012 05:05 PM

0 Kudos

@RichardH. Thanks for looking into this. Appreciated!

StephenS
Contributor
In response to RichardH

โ€Ž08-01-2012 05:30 PM

0 Kudos

We are seeing the same issue since switching to Digicert a week ago. We too have taken a packet capture and see that Authorize.Net is gracefully terminating the SSL connection without sending a POST. I've been pestering A.net as much as possible concerning this and they say it's not their problem.

rellington
Member
In response to StephenS

โ€Ž08-02-2012 07:31 AM

0 Kudos

@RichardH. Any information on this yet?

 

I still have not any response from support (now 3 business days) so this does not reflect well on AN.

 

Given that a developer account is fine and real accounts exhibit the issue I cannot see that the usual "your code is the problem" really applies unless there are differences in the two account types that are not publicly known.

 

I see other recent threads with SSL issues too.

StephenS
Contributor
In response to RichardH

โ€Ž08-02-2012 04:26 PM

0 Kudos

We're still working on resolution.  As soon as I have anything to report, I'll post here in the community.

RichardH
Administrator Administrator
Administrator
In response to StephenS

โ€Ž08-03-2012 10:44 AM

0 Kudos
Copyright © 2024 Khoros, LLC