cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

SSL peer certificate or SSH remote key was not OK

I have a production site that worked fine with authorize.net up until about 2:00PM EST today. cURL is throwing back a "SSL peer certificate or SSH remote key was not OK" error when attempting to post data to https://secure.authorize.net/gateway/transact.dll.

 

I am the only developer on the site, and I have not logged in at all today until someone reported an issue where they could not complete their transaction. Can anyone provide me with any direction? I have tried restarting the entire device just for good measure. No luck.

BrandonM
Member
12 REPLIES 12

I'm presuming this is for an inbound API call for AIM or DPM. If wrong, please let me know.

We haven't made any SSL changes to the Transact servers in about a year. Did you confirm you have up-to-date Entrust CA certificates in your key store?

--
"Move fast and break things," out. "Move carefully and fix what you break," in.
Lilith
Administrator Administrator
Administrator

Hello,


We also have a machine that started reporting the same errors at approximately 1PM CST today.


Can someone please advise?


Gerald Bauer

JB Systems, LLC

Mrpbody4
Member

Additional details from CURL request:

 

string(0) "" array(20) { ["url"]=> string(49) "https://secure.authorize.net/gateway/transact.dll" ["content_type"]=> NULL ["http_code"]=> int(0) ["header_size"]=> int(0) ["request_size"]=> int(0) ["filetime"]=> int(-1) ["ssl_verify_result"]=> int(1) ["redirect_count"]=> int(0) ["total_time"]=> float(0.000953) ["namelookup_time"]=> float(5.7E-5) ["connect_time"]=> float(0.000999) ["pretransfer_time"]=> float(0) ["size_upload"]=> float(0) ["size_download"]=> float(0) ["speed_download"]=> float(0) ["speed_upload"]=> float(0) ["download_content_length"]=> float(-1) ["upload_content_length"]=> float(-1) ["starttransfer_time"]=> float(0) ["redirect_time"]=> float(0) } SSL peer certificate or SSH remote key was not OK
Array ( [url] => https://secure.authorize.net/gateway/transact.dll [content_type] => [http_code] => 0 [header_size] => 0 [request_size] => 0 [filetime] => -1 [ssl_verify_result] => 1 [redirect_count] => 0 [total_time] => 0.000953 [namelookup_time] => 5.7E-5 [connect_time] => 0.000999 [pretransfer_time] => 0 [size_upload] => 0 [size_download] => 0 [speed_download] => 0 [speed_upload] => 0 [download_content_length] => -1 [upload_content_length] => -1 [starttransfer_time] => 0 [redirect_time] => 0 )

Could you please share HTTPS log data, please, so we can see where your SSL configuration is failing?

I believe on IIS-based servers you may need to enable WinHTTP logging first, then check the log for SSL/TLS errors. There are similar steps you may need to take on Apache servers.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.

Certainly. Just a few moments please...

It appears our machine is not setup for logging this.
Any tips?

Our server started establishing connections again. We rebooted Apache a couple of times through this process, otherwise

no significant changes were made.


Was something done on Authorize's end?

As I mentioned, we haven't made any SSL configuration changes to the Transact servers in about a year. That's why I was asking for logs, so we can see exactly where the SSL negotiation is breaking down.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.

We're also experiencing this issue. No changes have been made on our servers.

 

When trying to curl from command line:

 

curl https://secure.authorize.net/gateway/transact.dll
curl: (51) SSL peer certificate or SSH remote key was not OK

 

What other logs would you like to see?

Thanks