Since last Tuesday we have been unable to access our authorize.net CIM information via our internal ERP system. The transaction goes out to authorize.net and is accepted, however, when returned we are unable to decrypt what is being sent back. So, the result looks a mixture of different types of characters including wingdings, alpha and numeric. We have run several tests. The results were as follows, which includes testing from our internal network and our developer’s network:
Pointing to the sandbox/test authorize.net environment everything worked successfully.
Pointing to the production authorize.net environment we received encrypted data, which we are unable to decrypt
Additional Information: We’ve made no changes within our internal ERP environment. Our ERP system is developed in FoxPro 9(vfp9). We are utilizing pieces of a 3rd party widget/plugin called West Wind, for our authorize.net integration.
Note, we've also confirmed the same transaciton key and login information is being used on our website, and the results are being passed back readable with no issues.
Solved! Go to Solution.
07-14-2014 11:58 AM - edited 07-14-2014 12:08 PM
Authorize.net has confirmed that they made a change to IIS which in turn affected GZIP.
They are not rolling back the change they did so we did need to modify our code to work around their change.
The Westwind code change we made:
**************************************************************
** 07/17/2014 force the HTTP request to only
** have 'Content-Type', 'text/XML; charset=UTF-8'
** and no ref to gzip
**************************************************************
loHTTP.addheader("")
loHTTP.addheader('Content-Type', 'text/XML; charset=UTF-8')
**************************************************************
This fixed our issue and we are no longer receiving jumbled responses.
THANK YOU RaynorC1emen7 for your help in identifying and fixing this issue for us!
07-18-2014 10:21 AM
Also, our website (which is working successfully) is using API methods to send requests, where as our ERP environment is using XML.
07-14-2014 12:15 PM
Encrypted data? so the xml structure is there?
Last Tuesday? isn't that a windows updated date? can you see if windows updated ran on that day and the time?
do you have something like fiddler2 to look at the http traffic on the ERP server?
07-14-2014 01:14 PM - edited 07-14-2014 01:19 PM
RaynorC1emen7,
Let me know if you need any more information.
GKELITE
07-15-2014 07:25 AM - edited 07-15-2014 07:31 AM
That doesn't make sense, both soap and xml url use the same ssl cert.
can you download the sample code CIM XML code to try in your developer's network?
07-15-2014 07:42 AM - edited 07-15-2014 07:43 AM
What sample code are you talking about? Can you elaborate?
07-15-2014 07:51 AM
07-15-2014 08:27 AM
Ok,
I spoke with our developer. Understand that I'm not a developer myself so there may be some misuse of vocab here.
Our ERP system is written in Visual FoxPro, which doesn't have the ability to access the Microsoft .NET System Objects or the AuthorizeNet.DLL to run the XML code provided in the examples provided by Authorize.Net.
According to our developer we currently run functions that use 3rd party Class Libraries from WestWind Technologies which then uses very low level set of code (OS Level) to Transmit & Receive data from the Authorize.net API URL.
Is there another way to test what you'd like to test? I've asked that our developer do an official write-up of the information when he gets back in the office around 3PM EST.
Once I have that I will post it as well.
Below is a sample XML file which has been used & working since December 2012:
SAMPLE AUTHORIZE.NET:
Sample of the XML File lcXML1=lcXML1+'<?xml version="1.0"?>' lcXML1=lcXML1+'<createCustomerProfileRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">' lcXML1=lcXML1+" <merchantAuthentication>" lcXML1=lcXML1+" <name>"+lcLOGIN+"</name>" lcXML1=lcXML1+" <transactionKey>"+lcTRANKEY+"</transactionKey>" lcXML1=lcXML1+" </merchantAuthentication>"+ lcXML1=lcXML1+" <profile>"+CHR(13)+CHR(10) lcXML1=lcXML1+" <merchantCustomerId>"+mCUSTNO+"</merchantCustomerId>" lcXML1=lcXML1+" <description>"+mCOMPANY+"</description>" lcXML1=lcXML1+" <email>"+mEMAIL+"</email>" lcXML1=lcXML1+" </profile>" lcXML1=lcXML1+"</createCustomerProfileRequest>" Code used to transmit to Authorize.net loHttp = CREATE('wwhttp') 1 - creates & opens http object loHttp.nHttpPostMode = 4 2 - tells the object posting an XML loHttp.AddPostKey(lcXml1) 3 - add the XML to the Object lCResult=loHTTP.HTTPGet(lcXMLURL) 4 - Sends the XML to authorize.net and receives the response DO ParseResponse WITH lcTYPE 5 - parse the XML data being returned LoHTTP.HTTPClose() 6 - Close the HTTP object and connection
I hope this helps. Let me know if you need anything else, and thanks again for helping with this issue.
GKElite
07-15-2014 11:31 AM
Look at some doc on https://www.west-wind.com/
the prod server do pass in gzip, it this turn on?
https://www.west-wind.com/webconnection/wwipstuff_docs/_20j0b58l2.htm
07-15-2014 12:58 PM
can the developer see what header information is getting pass?
and there also cErrorMsg https://www.west-wind.com/webconnection/wwipstuff_docs/_0jj1auej3.htm
and there is cResultCode https://www.west-wind.com/webconnection/wwipstuff_docs/_0xy0ul6dp.htm
can they see if there is an error?
07-15-2014 01:22 PM