Hi All,
I wasa successfully using a sandbox account to test a new website payment solution. Up until a few days ago sandbox transactions were being successfully sent and responses successfully received. If I change the post to url and API credentials from https://test.authorize.net/gateway/transact.dll to https://secure.authorize.net/gateway/transact.dll the transaction is accepted and a valid response is returned. The error I get when posting to https://test.authorize.net/gateway/transact.dll is:
msxml3.dll error '800c0008'
System error: -2146697208.
so sandbox fails, same transaction data posted to LIVE account is accepted. Tried other methods of posting to sandbox with no luck but each method I tried successfully posts to the LIVE url.
Any ideas why it used to work then stopped ? And why same code works for LIVE but not sandbox ?
Thanks !
Solved! Go to Solution.
08-03-2016 04:59 AM
We removed support for 3DES ciphers on July 30, 2016 as mentioned in our developer blog. This may be the cause of your problem.
Richard
08-04-2016 08:30 AM
Hello @eagles
Could you provide us with a sample request you're sending to the gateway with any sensitive information removed and any response/log?
Also, have you recently updated or rebooted your system?
Richard
08-03-2016 08:38 AM
The following PostData works in the LIVE environment but not the sandbox, but I'm failry certain it's not the contents of the posted transaction that's the issue.
PostData = "x_Login=<sandbox login>&x_Tran_Key=<sandbox pass>&x_Version=3.1&x_Delim_Data=TRUE&x_Delim_Char=|&x_ADC_URL=FALSE&x_Type=AUTH_CAPTURE&x_Card_Code=&x_Card_Num=5105105105105100&x_Exp_Date=92019&x_Description=TheCompany&x_Amount=20.03&x_First_Name=Tatyana&x_Last_Name=Butsy&x_company=ButsysBurgers&x_Address=1515 37th Ave Ne Ste 104&x_City=Anycity&x_State=FL&x_ZIP=90210&x_Country=US&x_Phone=800-555-1212&x_Fax=800-555-2323&x_Email=me@domain.com&x_Customer_IP=10.10.10.10&x_invoice_num=691&x_cust_id=178745"
Any connection made to the sandbox fails, but the same exact connection, just changing the post to URL, api user, and api pass, to the LIVE environment works. What's more, leaving the api login credentials the same and just posting to the live URL will return results, an error about invalid login, I get nothing like that using the sandbox url. Anything posted to test.authorize.net\gateway\transact.dll returns an error where it didn't just a week ago. And not an authorize.net system error, I just get no response.
Thanks !
08-03-2016 03:29 PM
Hmmm...
Are you able to put wireshark on the connection, see what may be lurking in the connection details?
Also, have you made any changes/updates to your platform, framework or tools?
Richard
08-03-2016 04:55 PM
No changes. Here are my wireshark results, testing with "secure.authorize.net" I got:
32 1.944733 64.94.118.32 myipaddr TLSv1 191 Server Hello, Change Cipher Spec, Encrypted Handshake Message
and I got results back as I have been.
At the same place in the test transaction instead using "test.authorize.net" I got:
93 11.819554 23.79.156.50 myipaddr TLSv1 61 Alert (Level: Fatal, Description: Handshake Failure)
Level: Fatal (2)
Description: Handshake Failure (40)
same server, same code, only difference is the URL I am posting to. I got a "Server Hello" for LIVE, I never get a "Server Hello" for test.authorize.net
Thoughts ?
08-03-2016 09:05 PM
Also noticed a difference in the Client Hello, for the LIVE url I see:
Random
Session ID Length: 32
Session ID: 8b9795875c3f8cdd4955e49156ff5c92b15d952da7766b92...
for the sandbox url I see:
Random
gmt_unix_time: Aug 3, 2016 22:52:05.000000000 Central Daylight Time
random_bytes: 675bc00d457094bcba1d7abb86d4addf37981110918868d4...
Not sure if that makes a difference, just thought I'd mention it.
Thanks !
08-03-2016 09:21 PM
We removed support for 3DES ciphers on July 30, 2016 as mentioned in our developer blog. This may be the cause of your problem.
Richard
08-04-2016 08:30 AM
Hi Richard,
Timing is just right, that's when it stopped working. For others that may have experienced this, I applied this hotfix:
https://support.microsoft.com/en-us/kb/3050509
which added the following cipher suites:
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256
and it's working again.
Thanks !
08-04-2016 09:05 AM
@eagles -- That's excellent news, thank you for sharing.
That said, since Windows Server 2003 hasn't been supported for a year, I hope you will consider upgrading the server entirely, to Server 2008 or newer. Unsupported server platforms are generally considered a violation of PCI DSS, due to the lack of active security patching.
08-04-2016 09:19 AM