Using the AIM service, my users are getting these errors intermittently:
cURL error: SSL connect error
cURL error: <url> malformed
Users get one, the other, or neither error. In some cases, the user can resubmit the form without changes and it goes through fine. Sometimes the transaction goes through fine without errors the first time. We started seeing these errors just today, but that may be because, prior to today, we have not used Authorize.net for the past few weeks.
Here is the bit of PHP where the cURL options are set, in case it reveals anything:
// Setup the cURL request. $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_VERBOSE, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, implode('&', $pairs)); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_NOPROGRESS, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0); $result = curl_exec($ch);
It may not be relevant, but we are using the commerce_authnet module in the Drupal framework.
Thanks
07-08-2014 12:05 PM - last edited on 07-08-2014 12:14 PM by RichardH
We've been seeing similar issues intermittently since about 1:20 PM EDT. We're sustaining about 18% error rate for calls to Authorize.Net.
We're a Java-based environment if it makes any difference.
07-08-2014 12:16 PM
Hello @arnold
Are you able to duplicate this in the sandbox? If you are only experiencing this with your live production account, I would suggest you contact our customer support department.
I'd recommend subscribing to this topic so that you'll be alerted via email if there are updates. To subscribe, click Topic Options at the top of this thread and then select Subscribe. You'll then receive an email once anyone replies to your post.
Thanks,
Richard
07-08-2014 12:19 PM
Hello @zbedell
I see you posted about the same time I responded earlier. Are you able to duplicate this in the sandbox as well?
Richard
07-08-2014 12:21 PM
It doesn't appear to be happening in the sandbox, though that's tough to be certain of with an intermittent problem. I ran 126 test transactions over the course of a minute or so, and none of them failed, but prod transactions failed from our production server while the test was running from my desktop.
07-08-2014 12:34 PM
I'm seeing this as well, probably lower than 18% error rate, but a handful of failed connections today.
07-08-2014 01:06 PM
We're also seeing this. Our Java application is having intermittent errors, and when I use the command-line curl I'm seeing error rates around 10-15%.
This is a verbose failed trace from curl:
curl -v -v -v -D - "https://secure.authorize.net/gateway/transact.dll"
* About to connect() to secure.authorize.net port 443 (#0)
* Trying 64.94.118.32...
* connected
* Connected to secure.authorize.net (64.94.118.32) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to secure.authorize.net:443
* Closing connection #0
curl: (35) Unknown SSL protocol error in connection to secure.authorize.net:443
A successful trace (i.e. no SSL errors) gives:
curl -v -v -v -D - "https://secure.authorize.net/gateway/transact.dll"
* About to connect() to secure.authorize.net port 443 (#0)
* Trying 64.94.118.32...
* connected
* Connected to secure.authorize.net (64.94.118.32) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-MD5
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; 1.3.6.1.4.1.311.60.2.1.3=US; 1.3.6.1.4.1.311.60.2.1.2=Delaware; O=Cybersource Corporation; businessCategory=Private Organization; serialNumber=2838921 + CN=secure.authorize.net
* start date: 2013-03-06 14:59:35 GMT
* expire date: 2015-06-07 02:19:02 GMT
* subjectAltName: secure.authorize.net matched
* issuer: C=US; O=Entrust, Inc.; OU=www.entrust.net/rpa is incorporated by reference; OU=(c) 2009 Entrust, Inc.; CN=Entrust Certification Authority - L1E
* SSL certificate verify ok.
> GET /gateway/transact.dll HTTP/1.1
> User-Agent: curl/7.26.0
> Host: secure.authorize.net
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Connection: close
Connection: close
< Date: Tue, 08 Jul 2014 20:23:18 GMT
Date: Tue, 08 Jul 2014 20:23:18 GMT
< Server: Microsoft-IIS/6.0
Server: Microsoft-IIS/6.0
< X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
< Content-Type: text/html
Content-Type: text/html
< Content-Length: 151
Content-Length: 151
< Cache-Control: private, must-revalidate, max-age=0
Cache-Control: private, must-revalidate, max-age=0
< Expires: Tue, 01 Jan 1980 00:00:00 GMT
Expires: Tue, 01 Jan 1980 00:00:00 GMT
<
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
<HTML><BODY><H3>The following errors have occurred.</H3>(13) The merchant login ID or password is invalid or the account is inactive.<BR></BODY></HTML>
07-08-2014 01:24 PM
We use CIM, and even their own API isn't able to relay occasionally today: "(E00001) An error occurred during processing. Please try again." Trying it again worked.
Multiple reports of it on Twitter now. Should note that CIM went down last night due to SSL issues as well, and they took out the support page for Firefox as well (Visa created their own root CA).
I really wish Authorize.Net would have a status page. As in the past, I don't expect we'll ever get any kind of response from Authorize.Net, it will just suddenly start working again.
07-08-2014 01:34 PM
We're seeing the same problem today, Oct 8th, starting at about 10:30am. We are also using the commerce_authnet modue with Drupal.
10-08-2014 03:19 PM
Hello @jenlampton
Is this occuring in your production gateway or the sandbox?
Can you provide more detailed information about the response you are receiving from the gateway, or the SSL connection log if no response is received?
Richard
10-08-2014 03:25 PM