Cybersource Developer Community Cybersource Developer Community

Is this script run on the same server?  If not, what is the environment?

Can you post the whole script or the line number and part of the script that is failing?

Thank you again.  I have spent the last 2 days trying to test this issue, scour the internet and figure it out.  Since I know the server works and asp classic code works, the problem has to be in my code and it looks to be the same line that was the final fix in the asp code.

I need the vbs program to run from the task scheduler.  This same logic has run for over 10 years with no problem until 2/28.  Since the asp code worked the other day, I assume I could just turn the tasks back on and it would work after I applied the same changes but it did not.

I created 2 almost identical basic programs that connect to authorize.net; one in asp classic and one in vbs.  The asp program works but the vbs program does not.  

Here are copies of both programs.  I changed sensitive data to "xxx" in both programs after I tested but these values were valid and identical when I tested each program a few minutes ago.

Yes, the programs reside on the same server and in the same folder (wwwroot), where they have always resided and worked in the past.

asp classic:

<%

'test_tls_040318.asp 

Dim xml, strStatus, strRetval

On Error Goto 0

Dim x_version, x_delim_data, x_relay_response

Dim x_amount, x_card_num, x_exp_date, x_type

Dim x_first_name, x_last_name, x_company, x_address

Dim x_city, x_state, x_zip, x_phone, x_fax, x_card_code, x_email, x_email_customer

dim ccnum

x_version = "3.1" 

x_delim_data = "TRUE"

x_delim_char = "|"

x_relay_response = "False"

Const x_login = "xxx"

Const x_tran_key = "xxx"

x_exp_date = ""  ' MMYYYY

x_type = "AUTH_CAPTURE"

x_email_customer = "FALSE"

x_description = " Monthly Charge Test"

x_amount = 29.95

x_email = "alexis@xx" 'email_address

dim cardnum, fax, tfreenum

cardnum = "xxx"

x_card_num = sr_decode(unescape(cardnum))

x_first_name = "Alexis" 'unescape(fname)

x_last_name = "test" 'unescape(lname)

x_company = "ABC" 'unescape(company_name)

x_address = "1 Main Street" 'unescape(address1and2)

x_city = "BestTown" 'unescape(city)

x_state = "NJ" 'unescape(state)

x_zip = "08003" ''zip

x_phone = "8562222222" 'client_phone

x_fax ="8562222222" ' fax

x_card_code = ""  'not using cvc

tfreenum = "xxx"

x_invoice_num = tfreenum

x_cust_id = 3488 'client_id

x_country = "US"

x_ship_to_country = "US"  

credit_card_cvc_num      = ""

credit_card_expire_month = 07 '''''ccmonexp

credit_card_expire_year  = 2022 ''ccyearexp

if Len(credit_card_expire_month) = 1 then

  credit_card_expire_month = "0" & credit_card_expire_month

end if

x_exp_date = credit_card_expire_month & credit_card_expire_year

dim vPostData

vPostData = "x_login=" & x_login & "&x_tran_key=" & x_tran_key & "&x_version=" & x_version &_

"&x_delim_data=" & x_delim_data & "&x_delim_char=" & x_delim_char & "&x_relay_response=" & x_relay_response &_

"&x_type=" & x_type & "&x_card_num=" & x_card_num & "&x_exp_date=" & x_exp_date & "&x_card_code=" & x_card_code &_

"&x_amount=" & x_amount & "&x_first_name=" & x_first_name & "&x_last_name=" & x_last_name &_

"&x_company=" & x_company &"&x_address=" & x_address & "&x_city=" & x_city & "&x_state=" &_

x_state &"&x_zip=" & x_zip & "&x_email_customer=" & x_email_customer & "&x_email=" & x_email &_

"&x_phone=" & x_phone & "&x_fax=" & x_fax & "&x_description=" & x_description &_

"&x_recurring_billing=" & "NO" &_

"&x_ship_to_first_name=" & x_first_name & "&x_ship_to_last_name=" & x_last_name &_

"&x_ship_to_company=" & x_company & "&x_ship_to_address=" & x_address &_

"&x_ship_to_city=" & x_city & "&x_ship_to_state=" & x_state & "&x_ship_to_zip=" & x_zip &_

"&x_invoice_num=" & x_invoice_num & "&x_cust_id=" & x_cust_id

  Set xml = Server.CreateObject("MSXML2.XMLHTTP.6.0")  '3/29/18

  xml.open "POST", "https://secure.authorize.net/gateway/transact.dll", false

  xml.send vPostData

  strStatus = xml.Status

  strRetval = xml.responseText

'Response.Write "vPostData_asp=" & vbcrlf & vbcrlf

'Response.write vPostData & vbcrlf & vbcrlf

Response.write "strstatus: "  & strStatus & vbcrlf & vbcrlf

Response.Write "strRetval: " & strRetval ''xml.responseText

Response.End

'///////////////////////////////

function sr_decode(str)

    offset = 8

    oldStr = ""

    for i = 1 to len(str)

        oldStr = oldStr & chr((asc(mid(str,i,1))-offset))

    next

    sr_decode = oldStr

end function

%>

vbs:

'4/2/18 cc_monthly_charge_test2.vbs

Dim xml, strStatus, strRetval

On Error Goto 0

Dim x_version, x_delim_data, x_relay_response

Dim x_amount, x_card_num, x_exp_date, x_type

Dim x_first_name, x_last_name, x_company, x_address

Dim x_city, x_state, x_zip, x_phone, x_fax, x_card_code, x_email, x_email_customer

dim ccnum

x_version = "3.1" 

x_delim_data = "TRUE"

x_delim_char = "|"

x_relay_response = "False"

Const x_login = "xxx"

Const x_tran_key = "xxx"

x_exp_date = ""  ' MMYYYY

x_type = "AUTH_CAPTURE"

x_email_customer = "FALSE"

x_description = "Monthly Charge Test"

x_amount = 29.95

x_email = "alexis@xxxx"

dim cardnum, fax, tfreenum

cardnum = "xxx"

x_card_num = sr_decode(unescape(cardnum))

x_first_name = "Alexis" 'unescape(fname)

x_last_name = "test" 'unescape(lname)

x_company = "ABC" 'unescape(company_name)

x_address = "1 Main Street" 'unescape(address1and2)

x_city = "BestTown" 'unescape(city)

x_state = "NJ" 'unescape(state)

x_zip = "08003" ''zip

x_phone = "8562222222" 'client_phone

x_fax ="8562222222" ' fax

x_card_code = ""  'not using cvc

tfreenum = "8779999999"

x_invoice_num = tfreenum

x_cust_id = 3488 'client_id

x_country = "US"

x_ship_to_country = "US"  

credit_card_cvc_num      = ""

credit_card_expire_month = 07 '''''ccmonexp

credit_card_expire_year  = 2022 ''ccyearexp

if Len(credit_card_expire_month) = 1 then

  credit_card_expire_month = "0" & credit_card_expire_month

end if

x_exp_date = credit_card_expire_month & credit_card_expire_year

dim vPostData

vPostData = "x_login=" & x_login & "&x_tran_key=" & x_tran_key & "&x_version=" & x_version &_

"&x_delim_data=" & x_delim_data & "&x_delim_char=" & x_delim_char & "&x_relay_response=" & x_relay_response &_

"&x_type=" & x_type & "&x_card_num=" & x_card_num & "&x_exp_date=" & x_exp_date & "&x_card_code=" & x_card_code &_

"&x_amount=" & x_amount & "&x_first_name=" & x_first_name & "&x_last_name=" & x_last_name &_

"&x_company=" & x_company &"&x_address=" & x_address & "&x_city=" & x_city & "&x_state=" &_

x_state &"&x_zip=" & x_zip & "&x_email_customer=" & x_email_customer & "&x_email=" & x_email &_

"&x_phone=" & x_phone & "&x_fax=" & x_fax & "&x_description=" & x_description &_

"&x_recurring_billing=" & "NO" &_

"&x_ship_to_first_name=" & x_first_name & "&x_ship_to_last_name=" & x_last_name &_

"&x_ship_to_company=" & x_company & "&x_ship_to_address=" & x_address &_

"&x_ship_to_city=" & x_city & "&x_ship_to_state=" & x_state & "&x_ship_to_zip=" & x_zip &_

"&x_invoice_num=" & x_invoice_num & "&x_cust_id=" & x_cust_id

Set xml = CreateObject("MSXML2.ServerXMLHTTP.6.0")

 'Set xml = CreateObject("MSXML2.XMLHTTP.6.0")

 'Set xml = Createobject("MSXML2.ServerXMLHTTP")

 'Set xml = CreateObject("WinHTTP.WinHTTPRequest.5.1")

  xml.open "POST", "https://secure.authorize.net/gateway/transact.dll", false

  xml.send vPostData

  'strStatus = xml.Status

  'strRetval = xml.responseText

 ' Set xml = nothing

'msgbox "strstatus: "  & strStatus

'msgbox "strRetval: " & strRetval

'///////////////////////////////

function sr_decode(str)

    offset = 8

    oldStr = ""

    for i = 1 to len(str)

        oldStr = oldStr & chr((asc(mid(str,i,1))-offset))

    next

    sr_decode = oldStr

end function

The VBS program bombs on line 71 each time:  xml.send vPostData

This happens no matter which set line I use.  This vbs program does not work with the same "server." line that the asp line has.  I never used "server." when the program worked previously.

If I use: Set xml = CreateObject("MSXML2.ServerXMLHTTP.6.0")

Set xml = Createobject("MSXML2.ServerXMLHTTP")

or

Set xml = CreateObject("WinHTTP.WinHTTPRequest.5.1"),

I get the error "An error occurred in the secure channel support".

If I use:

Set xml = CreateObject("MSXML2.XMLHTTP.6.0"),

I get the error: "The system cannot locate the resource specified."

In asp, this set line works perfectly:

  Set xml = Server.CreateObject("MSXML2.XMLHTTP.6.0") 

If I try the exact same set line in the vbs program that works in the asp program, I get an error "Object Required: Server".  That's when I realized I forgot to remove the "server:" part of the set line for vbs when I applied the same changes in vbs that I did in asp classic.

Thanks again for your help.

Regards,

Alexis

What version is your winhttp.dll in the windows\system32 folder?

Try the same exact set object line that you are using in the asp script that has "Server." in front of CreateObject like this:

Set xml = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")

or

Set xml = Server.CreateObject("WinHTTP.WinHTTPRequest.5.1")

Does your server have ASP.NET 4.5?  You can find this in the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319\SKUs\

windows\system32 version is:

6.2.9200.16451

I tried the putting "Server." in front of all 4 objects but each one gave me the error:

Object Required: 'Server’

 Set xml = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")

 Set xml = Server.CreateObject("WinHTTP.WinHTTPRequest.5.1")

 Set xml = Server.CreateObject("MSXML2.XMLHTTP.6.0") 

'Set xml = Server.Createobject("MSXML2.ServerXMLHTTP")

And, in my previous script that worked, I did not use "Server."  

And, yes, we have ASP.NET 4.5.  I checked the registry and we have 4.5 and below that we have 4.5.1.

Thanks!

Alexis

Try using this set object: Set xml = CreateObject("WinHTTP.WinHTTPRequest.5.1")

and then add

xml.Option(9) = 2048 'TLS 1.2

just before

xml.open "POST", "https://secure.authorize.net/gateway/transact.dll", false

Should look something like this:

'Set xml = CreateObject("MSXML2.ServerXMLHTTP.6.0")

'Set xml = CreateObject("MSXML2.XMLHTTP.6.0")

'Set xml = Createobject("MSXML2.ServerXMLHTTP")

Set xml = CreateObject("WinHTTP.WinHTTPRequest.5.1")

xml.Option(9) = 2048 'TLS 1.2  

xml.open "POST", "https://secure.authorize.net/gateway/transact.dll", false

xml.send vPostData

'strStatus = xml.Status

'strRetval = xml.responseText

' Set xml = nothing

If that still throws an error then your winhttp.dll may not support TLS 1.2.  From what I have found version 6.3.9600.xxxx supports TLS 1.2.  I can't find anywhere that you can install a patch for the dll but you can get a copy from a Server 2012r2 installation and copy it into the Windows\System32 folder. Just rename the current one so you have it to restore rather than deleting it.

Thank you again! It works!  The changes you indicated did the trick.

Set xml = CreateObject("WinHTTP.WinHTTPRequest.5.1")

xml.Option(9) = 2048 'TLS 1.2  

I applied the changes first to a watered-down test program and it worked.  Then I applied the change to a test program that is the live code but only looked at a test account and that worked.

So I applied the change to my live program.  The process was kicked off by the task scheduler at 1am and all our clients were successfully billed by the process for the first time in almost 5 weeks.

My client and I send you a big thank you.  He so appreciates that you took your time and expertise to help us.  I do too.

I sincerely hope this post will help others as our old website, server and programs certainly had almost every issue possible to fight getting TLS 1.2 to work for our billing processes on authorize.net.

Thank you again and best wishes.

Alexis

Glad to hear it is working now.

It looks like vbscript doesn't follow the registry defaults like asp scripts do.  Using the Option(9) setting allows you to specify the TLS version.

It may also be true that the winhttp.dll version dictates the TLS version but in either case this fix seems to work.

I had a feeling that was the problem.  I knew the server was fixed so I knew the problem was in my code and I knew the vbscript was not going through the website so there had to be another line to "tell it" to do this or that when connecting.  I had searched for a few days on my own trying to find that "line" before I posted again and bothered you.

I am so grateful to you.  I have been doing my day job and trying to work this issue out at night and early in the morning for 5 weeks.  I felt so bad that I messed up my client by not paying attention to the authorize.net warning emails about tls 1.2 sent way in advance.  I learned a good lesson. 

Thank you again!

Alexis

I am uning the

Windows Server 2008 R2.

IIS6.0

Classic ASP

Vbscript

Below are the code part that is using :
post_url = "https://secure.authorize.net/gateway/transact.dll"

Set objRequest = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")

objRequest.open "POST", post_url, false
objRequest.send post_string

I am getting the error when executing the "objRequest.send post_string". error is :

msxml6.dll error '80072f7d'

An error occurred in the secure channel support

Also followed below suggestion but still getting the same issue:

Your webserver probably needs TLS 1.0 to communicate with the database server.  Have the host re-enable 1.0 and 1.1.  Then have the host set the "DefaultSecureProtocols" registry keys to 0x00000800.  This key will need to be added to each of these:

On x64-based computers, DefaultSecureProtocols must also be added to the Wow6432Node path: