Cybersource Developer Community Cybersource Developer Community

Our server admin claims all of that has been done and no dice. I'll ask them to make another pass through and doublecheck all are there. All of the requisite hotfixes are installed. 

Site is classic ASP/VB, unfortunately... hence the slow upgrade/server migration. AIM POST via Microsoft XML library. 

@acknight

So your using the Microsoft.xmlHTTP call?  Try the sample.asp in the AIM ASP SDK going to the live gateway.  Test uses different SSL certs.  I tried it on my IIS 6 (Win2K3) box with a fresh ASP and the sample worked fine.  I don't run any web on this box so it is fresh.

That's the one. I got it back up and running for a few days by getting it to ignore certificate errors, then corrected the certificate errors (or so we think), and now it's timing out trying to connect to secure.authorize.net. I'll try with a vanilla example tomorrow... but ours is based on the example one, albeit from when my predecessor set it up years ago.

I read that it uses the IE API.  Try running IE and going to https://secure.authorize.net/.  IT should take you to a page and you can view the SSL certs on the lock icon. I do have IE 8 on this box.

@acknight

Looking deeper it hooks into windows\system32\crypt32.dll and needs to be version 5.131.3790.4095 or higher on Windows 2003SP2.  Mine was even higher by KB2918614.  You can test by going to secure.authorize.net and downloading it's certificate.  You can then run 'certutil -verify certname.cer'  This should complete without an error.

For Java people, I found a test program.  Download http://www.houstonuniform.com/HTTPSClient.class and save it somewhere.  It is compiled with Java 1.4.  Run 'java HTTPSClient website.com'  You have to be in the directory where you saved the file.  Example: '\CFusionMX\runtime\jre\bin\java HTTPSClient secure.authorize.net'  This should seem to hang if the cert is fine.  Hit CTRL-C to quit.  If your cacerts isn't updated you will get an Exception: no trusted certificate found.

I was bored and created a zip with instructions for Java/Coldfusion updates for AIM API.  Read the README.TXT file first.  You have to find your Coldfusion runtime directory and extract the files in its lib/security dir.  On my Java 1.4 test I only needed two certificates (EntrustG2 and the secure.authorize.net).  This zip includes Java 1.6 keytool (keytool16.exe and its jdi.dll) to get past the error Java 1.4 keytool experiences, the two certificates, and the HTTPSClient.class to test connection.

http://www.houstonuniform.com/CFSSLUpdate.zip

What version of ColdFusion are you running? We are running CFMX 7 with JRE version1.4. The G2 will not install with JRE 1.4 from our experience. The G2 cert requires a higher version of JRE.

We have another server running BlueDragon on JRE version 1.7.0_45. The G2 certificate installed just fine and that application is back up and running for Authorize.net transactions (just from installing one cert, the G2).