cancel
Showing results for 
Search instead for 
Did you mean: 

Intermittent SSL errors with AIM

Friday evening we started getting intermittent SSL errors when connecting to the API servers.  We use the active merchant library(http://activemerchant.org/) from ruby in two different apps and those both had the same issue.  About 1/11 connections that were attempted threw this error:

 

SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

 

This was consistent between both applications, and neither got any updates related to this on Friday.  What I've seen online is that people who previously got this error got it because some of the servers were not sending along the intermediate certificate.  That would be consistent with what I am seeing.  When I tested with ssl_strict=false this morning the errors stopped, but that is not a solution I want to depend on.

 

Any thoughts?

danielfarrell
Member
1 ACCEPTED SOLUTION

Accepted Solutions

A change was recently implemented that should correct this problem.  Please confirm that you you are no longer seeing an error on your sites.

View solution in original post

14 REPLIES 14
We have exact same issue. The failure frequency seems to be increasing. We called authorize but they say there is no problem but there clearly is
tdavis1198
Member

We are also experiencing the same intermittent problems since Aug 3.  We are also accessing AIM using the ActiveMerchant plugin.  We are running ruby version 1.9.3p125.

 

Same exception message: 

SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

 

This is critical as 20% of our transactions are failing. This seems to be related to misconfigured SSL certificates on the secure.authorize.net servers (and not related to AIM requests specifically).

 

 

 

standev
Member

Same problem for us.  Happens approximately 20% of the time.

It started around 6 PM EDT on Aug 3.

 

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

 

To help us further troubleshoot this issue, could you identify your Certificate Authority (CA)?

It's your CA that is in question here, not ours.  That error happens when the software tries to make an SSL connection to your server to process a transaction.  It does not have anything to do with our SSL/CA stuff.

Yes, I believe it has to do with the SSL certificate(s) on https://secure.authorize.net/gateway/transact.dll, which is where the AIM API calls are being made to.  These are server side calls from our software to your servers; it has nothing to do with our SSL/CA on our own web servers.

Same issue here. We have seen this error 241 times in the last 4 days.

Just confirmed with a former employee of ours that this exact issue happened a little over a year ago, and the problem was that Authorize added a new server with a bad SSL cert.

I think we all realized that this was the issue a few days ago. Now just waiting for the light bulb to go on at authorize