Authorize.net support suggested posting this issue here to see if anyone else has experienced the same problem. Since November 4th when SSLv3 support was disabled, my server's online transactions (AIM implementation) are returning the error:
0x80090331 -2146893007 Sec_E_Algorithm_Mismatch The client and the server cannot communicate, because they do not possess a common algorithm
Server is running TLS 1.0 with 2 ciphers in common with Authorize.net:
The error occurs after line 22 of code located in AuthorizeNetCCSubmit.asp:
set WinHttp = Server.CreateObject("WinHttp.WinHttpRequest.5")
For Each item in Request.Form
' Response.Write item & " ..: " & Request(item) & "<br />"
' .Write "<hr />Return Page... :"& trim(request("ReturnPage")) &"<hr />"
Msg = "?"
for each form_item in split(request.form,"&")
if (instr(1,split(form_item,"=")(0),"x_") > 0) then
Msg = Msg + trim(split(form_item,"=")(0)) + "=" & request(split(form_item,"=")(0)) + "&"
WinHttp.Open "POST", SecureServer & Msg
strResponse = WinHttp.ResponseText
if (Split(strResponse, ",")(0) = "1") then
SecureStatus = "APPROVED"
SecureStatus = "DECLINED"
Reason = (Split(strResponse, ",")(3))
Authorize.net states they've not seen this problem before and that having ciphers in common should allow transactions to go through without error. Any suggestions/advice is greatly appreciated!
It doesn't look like anyone has responded yet, but someone still may have feedback on what you're looking for. I'd recommend subscribing to this topic so that you'll be alerted via email if anyone else from the community is able to respond with any comments. To subscribe, click Topic Options at the top of this thread and then select Subscribe. You'll then receive an email once anyone replies to your post.
This issue has continued to escalate without any developer support. All of our online payment forms stopped functioning as of Nov. 4th, 2014. After scouring the internet, we seem to be the only ones having this problem. Any advice, other than using the simple checkout which we have done - but with reduced functionality, would be greatly appreciated. Help?
I'm curious why you are using TLS 1.0 with only two ciphers. Which server platform are you using? And if you are using Windows Server 2008 R2 or greater, have you tried enabling TLS 1.1 and TLS 1.2?
Also, have you used a tool such as Wireshark or Fiddler to see exactly where the security negotiation fails? That might be helpful.