Cybersource Developer Community Cybersource Developer Community

Mohammed · ‎01-23-2018

Hi there,

We have been facing some issues while accessig the Accept hosted page on our DMZ server where all the Authorize.net IPs have already have been whitelisted. However I am able to get the hosted page along with the response token from getHostedPaymentPageRequest API on my local machine which in our internal network. Also I have been getting the response token using the postman REST client as well on both of the environment. But Its really tricky to understand why we are not able to get the Accept hosted page on the DMZ machine which has the has code as my local machine.

Also we'd like to know if there is a way if we can create a customer profile info (customer profile id and customer payment id) using a $0 Authorization transaction in order to get the transaction Id as apart of the silent postback response from authorize.net and then use that customer profile info in order to create a recurring subscription. It has to be noted that the credit card details have to be entered from the hosted page itself while performing the $0 auth transactiona and not supplied through the code by making an API call.

Any help regarding this is greatly appreciated. Looking forward to hearing from you guys. Thanks in advance.

Best regards,

mohammed

Mohammed · ‎01-25-2018

The DMZ server was scanned for TLS 1.2 and it passed the scan supporting TLS 1.2 .We didnt any error message from the authorize.net SDK as well. There is no response token from authorize.net not even null.

View solution in original post

Aaron_Actual · ‎01-23-2018

Does that machine in the DMZ support TLS 1.2?

Is it able to make any other connections to Authorize.Net?

What sort of response does it get? None? Or an error message?

Anurag · ‎01-23-2018

Hi @Mohammed

You should be able to add the payment Profile when using the AcceptHosted by passing the below field .

addPaymentProfile specifies whether to allow the customer to use the payment form to add a new form of payment to their customer profile.

https://developer.authorize.net/api/reference/features/accept_hosted.html

Hope this helps .

Send feedback at developer_feedback@authorize.net

Mohammed · ‎01-24-2018

Since I am able to get the response token when I make a http POST to your the authorize.net sandbox API using POSTMAN and also being able ping the sandbox.authorize.net , i am assuming that it supports TLS 1.2 as it aslo reaches apitest.authorize.net and tst.authorize.net on http and https.

It neither gives response token back nor an error message

Mohammed · ‎01-25-2018

The DMZ server was scanned for TLS 1.2 and it passed the scan supporting TLS 1.2 .We didnt any error message from the authorize.net SDK as well. There is no response token from authorize.net not even null.

bhav · ‎01-25-2018

Yes, We do support TLS 12 . I just used POSTMAN to try out simple request. Able to get response successfully. I am not able to attach screenshots here. Here is the request i tried in POSTMAN

POST - https://apitest.authorize.net/xml/v1/request.api

Raw body -

<createTransactionRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
  <merchantAuthentication>
    <name>8zw38TXp</name>
    <transactionKey>29L3e238quN7yqQT</transactionKey>
  </merchantAuthentication>
  <refId>123456</refId>
  <transactionRequest>
    <transactionType>authCaptureTransaction</transactionType>
    <amount>5</amount>
    <payment>
      <creditCard>
        <cardNumber>5424000000000015</cardNumber>
        <expirationDate>2020-12</expirationDate>
        <cardCode>999</cardCode>
      </creditCard>
    </payment>
    <profile>
      <createProfile>true</createProfile>
    </profile>
    <order>
     <invoiceNumber>INV-12345</invoiceNumber>
     <description>Product Description</description>
    </order>
    <lineItems>
      <lineItem>
        <itemId>1</itemId>
        <name>vase</name>
        <description>Cannes logo </description>
        <quantity>18</quantity>
        <unitPrice>45.00</unitPrice>
      </lineItem>
    </lineItems>
    <tax>
      <amount>4.26</amount>
      <name>level2 tax name</name>
      <description>level2 tax</description>
    </tax>
    <duty>
      <amount>8.55</amount>
      <name>duty name</name>
      <description>duty description</description>
    </duty>
    <shipping>
      <amount>4.26</amount>
      <name>level2 tax name</name>
      <description>level2 tax</description>
    </shipping>
    <poNumber>456654</poNumber>
    <customer>
      <id>999994566543</id>
    </customer>
    <billTo>
      <firstName>Ellen</firstName>
      <lastName>Johnson</lastName>
      <company>Souveniropolis</company>
      <address>14 Main Street</address>
      <city>Pecan Springs</city>
      <state>TX</state>
      <zip>44628</zip>
      <country>USA</country>
    </billTo>
    <shipTo>
      <firstName>China</firstName>
      <lastName>Bayles</lastName>
      <company>Thyme for Tea</company>
      <address>12 Main Street</address>
      <city>Pecan Springs</city>
      <state>TX</state>
      <zip>44628</zip>
      <country>USA</country>
    </shipTo>
    <customerIP>192.168.1.1</customerIP>
    <userFields>
      <userField>
        <name>MerchantDefinedFieldName1</name>
        <value>MerchantDefinedFieldValue1</value>
      </userField>
      <userField>
        <name>favorite_color</name>
        <value>blue</value>
      </userField>
    </userFields>
  </transactionRequest>
</createTransactionRequest>

Mohammed · ‎02-02-2018

I have tried to use wireshark in order to intercept the packets exchanged with the TLSv1.2 filter at the time of making an API call to get the response token and found out that it returning " 61 Alert (Level 1: Fatal , Description: Certificate Unknown)" with the TLSv1.2 protocol in the DMZ area but everything seems to working fine on my local machine which is in the internal network.

Cybersource Developer Community Cybersource Developer Community

Not able to get the response token and consequently not able to access the accept hosted page