cancel
Showing results for 
Search instead for 
Did you mean: 

End point confirmation for TLS 1.2 upgrade

Hello,

 

Currently we are in the prcess of upgrading the connectivity to TLS 1.2 as per the requirement announced by Authorize.net.

 

Currently we are using the below urls/end pints. We need your confirmation if we can use these urls without any issue.

 

TEST:
https://test.authorize.net/gateway/transact.dll


LIVE:
https://secure2.authorize.net/gateway/transact.dll

Malith
Member
17 REPLIES 17

Matt,

 

Will you able to share the SSL labs report here? Also, are you using Java SE 9 to connect to https://secure2.authorize.net/gateway/transact.dll?

 

Thanks

Bhavana

bhav
Authorize.Net Expert Authorize.Net Expert
Authorize.Net Expert
An SSLLabs report is irrelevant when it comes to your server making a client connection to another web server. Remember, the only thing SSLLabs can tell you is what version of TLS is negotiated when their machine makes a connection to the HTTP server software running on _your_ server machine. That’s not what is at issue here.

It’s good that you’re enforcing TLS 1.2 connections when other machines are making connections to _your_ machine. That’s definitely necessary, and required to be compliant with PCI-DSS. But, you also have to be capable of connecting as TLS 1.2 when your machine is acting as a client connecting to a web server.

So, what _is_ at issue is the version of TLS that your machine is able to negotiate when your machine is connecting as an HTTP client to the HTTP server software running on the Authorize.Net endpoint. Whether your machine is capable of negotiating a TLS 1.2 connection when acting as a _client_ is completely dependent on things like your programming environment that your application was written in and its libraries, or the system libraries that your application is calling to make this client connection.

We were curious to see the ssl report you ran as we were able to connect to secure2 endpoint with TLS protocol. Please let us know whether your issue is resolved.

 

-Bhavana

bhav
Authorize.Net Expert Authorize.Net Expert
Authorize.Net Expert

I have been working on server migration and preparing for TLS 1.2

 

I am successfully transacting to https://test.authorize.net/gateway/transact.dll and seeing transactions show up on my sandbox account.

 

I am doing this from a new domain without my SSL installed. However, once I do move the SSL, should it be ready to go?

 

My cert is TLS 1.2 ready and I am using centos 7.4 with PHP 5.4.16.

 

Is there anything else I can do to be certain I am ready to go?

 

Thanks in advance for your help!

webguy123
Member

Hi,

 

Even we are encountering similar errors as explained by matt.

 

Till yesterday, all our payments went through and from today, i.e 28 Feb 2018, we arent getting response from authorize.net.

Does anyone have a resolution for this? We haven't been able to process payments all day. All auth.net does is send and resend us the TLS upgrade document. We have verified that we are using 1.2 and have removed all other versions from the servers and from the registry. 

Have you compared the ciphers you are attempting to use with those configured for the endpoint you are using?  Use the SSL Lab Report and compare the list of ciphers with those configured for your server.

 

Also, another suggestion is to try moving from the akamai to non-akamai endpoint.

 

Richard

Is someone from auth.net going to step out of the shadows to address this issue? I talked with the server techs at our hosting company and they said it is a global issue for all of the sites they host. they have been working on the issue all day and have made no progress because of the lack of help from auth.net