Showing results for 
Search instead for 
Did you mean: 

Sandbox ASP error on POST, LIVE works

Hi All,


I wasa successfully using a sandbox account to test a new website payment solution. Up until a few days ago sandbox transactions were being successfully sent and responses successfully received. If I change the post to url and API credentials from to the transaction is accepted and a valid response is returned. The error I get when posting to is:


msxml3.dll error '800c0008'

System error: -2146697208.


so sandbox fails, same transaction data posted to LIVE account is accepted. Tried other methods of posting to sandbox with no luck but each method I tried successfully posts to the LIVE url.


Any ideas why it used to work then stopped ? And why same code works for LIVE but not sandbox ?


Thanks !



Accepted Solutions

We removed support for 3DES ciphers on July 30, 2016 as mentioned in our developer blog.  This may be the cause of your problem.



View solution in original post


Hello @eagles


Could you provide us with a sample request you're sending to the gateway with any sensitive information removed and any response/log?


Also, have you recently updated or rebooted your system?



Administrator Administrator

The following PostData works in the LIVE environment but not the sandbox, but I'm failry certain it's not the contents of the posted transaction that's the issue.


PostData = "x_Login=<sandbox login>&x_Tran_Key=<sandbox pass>&x_Version=3.1&x_Delim_Data=TRUE&x_Delim_Char=|&x_ADC_URL=FALSE&x_Type=AUTH_CAPTURE&x_Card_Code=&x_Card_Num=5105105105105100&x_Exp_Date=92019&x_Description=TheCompany&x_Amount=20.03&x_First_Name=Tatyana&x_Last_Name=Butsy&x_company=ButsysBurgers&x_Address=1515 37th Ave Ne Ste 104&x_City=Anycity&x_State=FL&x_ZIP=90210&x_Country=US&x_Phone=800-555-1212&x_Fax=800-555-2323&"


Any connection made to the sandbox fails, but the same exact connection, just changing the post to URL, api user, and api pass, to the LIVE environment works. What's more, leaving the api login credentials the same and just posting to the live URL will return results, an error about invalid login, I get nothing like that using the sandbox url. Anything posted to\gateway\transact.dll returns an error where it didn't just a week ago. And not an system error, I just get no response.


Thanks !



Are you able to put wireshark on the connection, see what may be lurking in the connection details?


Also, have you made any changes/updates to your platform, framework or tools?



No changes. Here are my wireshark results, testing with "" I got:


32 1.944733 myipaddr TLSv1 191 Server Hello, Change Cipher Spec, Encrypted Handshake Message


and I got results back as I have been.


At the same place in the test transaction instead using "" I got:


93 11.819554 myipaddr TLSv1 61 Alert (Level: Fatal, Description: Handshake Failure)


Level: Fatal (2)

Description: Handshake Failure (40)


same server, same code, only difference is the URL I am posting to. I got a "Server Hello" for LIVE, I never get a "Server Hello" for


Thoughts ?


Also noticed a difference in the Client Hello, for the LIVE url I see:



Session ID Length: 32

Session ID: 8b9795875c3f8cdd4955e49156ff5c92b15d952da7766b92...


for the sandbox url I see:



gmt_unix_time: Aug  3, 2016 22:52:05.000000000 Central Daylight Time

random_bytes: 675bc00d457094bcba1d7abb86d4addf37981110918868d4...


Not sure if that makes a difference, just thought I'd mention it.

Thanks !

We removed support for 3DES ciphers on July 30, 2016 as mentioned in our developer blog.  This may be the cause of your problem.



Hi Richard,


Timing is just right, that's when it stopped working. For others that may have experienced this, I applied this hotfix:


which added the following cipher suites:


TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256


and it's working again.


Thanks !

@eagles -- That's excellent news, thank you for sharing.

That said, since Windows Server 2003 hasn't been supported for a year, I hope you will consider upgrading the server entirely, to Server 2008 or newer. Unsupported server platforms are generally considered a violation of PCI DSS, due to the lack of active security patching.

"Move fast and break things," out. "Move carefully and fix what you break," in.