cancel
Showing results for 
Search instead for 
Did you mean: 

Error: The client and server cannot communicate, 0x80090331 -2146893007 Sec_E_Algorithm_Mismatch

Authorize.net support suggested posting this issue here to see if anyone else has experienced the same problem. Since November 4th when SSLv3 support was disabled, my server's online transactions (AIM implementation) are returning the error:

 

0x80090331 -2146893007 Sec_E_Algorithm_Mismatch The client and the server cannot communicate, because they do not possess a common algorithm

 

Server is running TLS 1.0 with 2 ciphers in common with Authorize.net:

TLS_RSA_WITH_RC4_128_SHA (0x5)

TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)

 

The error occurs after line 22 of code located in AuthorizeNetCCSubmit.asp:

 

set WinHttp = Server.CreateObject("WinHttp.WinHttpRequest.5")

 

with response

                For Each item in Request.Form

                '               Response.Write item & "  ..: " & Request(item) & "<br />"

                Next

                '   .Write "<hr />Return Page... :"&  trim(request("ReturnPage"))  &"<hr />"

 

                Msg = "?"

 

                for each form_item in split(request.form,"&")

                                if (instr(1,split(form_item,"=")(0),"x_") > 0) then

                                                Msg = Msg + trim(split(form_item,"=")(0)) + "=" & request(split(form_item,"=")(0)) + "&"

                                end if

                next

                                WinHttp.Open "POST", SecureServer & Msg

                                WinHttp.Send

                                strResponse = WinHttp.ResponseText

 

                if (Split(strResponse, ",")(0) = "1") then

                                SecureStatus = "APPROVED"

                else

                                SecureStatus = "DECLINED"

                end if

 

                Reason = (Split(strResponse, ",")(3))

    Session("Reason")=Reason

%>

 

Authorize.net states they've not seen this problem before and that having ciphers in common should allow transactions to go through without error.  Any suggestions/advice is greatly appreciated!

webmizcsm93
Member
4 REPLIES 4

Hello

It doesn't look like anyone has responded yet, but someone still may have feedback on what you're looking for. I'd recommend subscribing to this topic so that you'll be alerted via email if anyone else from the community is able to respond with any comments. To subscribe, click Topic Options at the top of this thread and then select Subscribe. You'll then receive an email once anyone replies to your post.

Thanks,

Richard

RichardH
Administrator Administrator
Administrator

This issue has continued to escalate without any developer support.  All of our online payment forms stopped functioning as of Nov. 4th, 2014.  After scouring the internet, we seem to be the only ones having this problem.  Any advice, other than using the simple checkout which we have done - but with reduced functionality, would be greatly appreciated. Help?

I'm curious why you are using TLS 1.0 with only two ciphers. Which server platform are you using? And if you are using Windows Server 2008 R2 or greater, have you tried enabling TLS 1.1 and TLS 1.2?

Also, have you used a tool such as Wireshark or Fiddler to see exactly where the security negotiation fails? That might be helpful.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.

We are using Windows Server 2003 with Service Pack 2.  Will look into Wireshark and Fiddler as you mentioned - thanks.