developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

TLS 1.2 test - PHP CURL error 1407742E when submitting request to sandbox

View the SolutionThis topic has been marked as solved.

Hi,

 

I'm getting a PHP CURL error when submitting a test transaction to my sandbox account at https://test.authorize.net/gateway/transact.dll. The error is:

 

1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

 

Does this mean that the version of CURL on the server is not configured to work properly with TLS 1.2? From what I can tell from the PHP Info, the CURL version is 7.36.0 and SSL Version is OpenSSL/0.9.8. PHP version is 5.4.32.

 

Test code looks like below:

 

<?php

$url = 'https://test.authorize.net/gateway/transact.dll';

$ch = curl_init( $url );
curl_setopt( $ch, CURLOPT_POST, true);
curl_setopt( $ch, CURLOPT_POSTFIELDS, $vPostData);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt( $ch, CURLOPT_VERBOSE, true);
$response = curl_exec( $ch );
if ($response === false) {
echo "curl_exec failed<br />";
trigger_error(curl_error($ch));
} else {
echo "response: " . $response;
}
curl_close($ch);

?>

 

Thanks!

jsargent3840
Member

‎02-08-2018 12:54 PM

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

View the SolutionThis topic has been marked as solved.

OpenSSL 0.9.8 does not support TLS 1.2. Painting with a broad brush, TLS 1.2 first appeared in OpenSSL 1.0.1.

Powered by NexWebSites.com -
Certified Authorize.net developers

View solution in original post

NexusSoftware
Trusted Contributor

‎02-09-2018 02:19 AM

3 REPLIES 3

View the SolutionThis topic has been marked as solved.

OpenSSL 0.9.8 does not support TLS 1.2. Painting with a broad brush, TLS 1.2 first appeared in OpenSSL 1.0.1.

Powered by NexWebSites.com -
Certified Authorize.net developers
NexusSoftware
Trusted Contributor

‎02-09-2018 02:19 AM

View the SolutionThis topic has been marked as solved.

Thank you for the information. It would appear we have no PHP solutions that work on the server we are working with. Unfortunately the site is on a hosted server so we are unable to install updates. However, I did discover a sample ASP script that seems to work so we will go with that.

jsargent3840
Member
In response to NexusSoftware

‎02-14-2018 07:53 AM

0 Kudos

View the SolutionThis topic has been marked as solved.

While it seems like you've found a solution, think seriously about whether you want to continue giving business to a hosting provider who thinks so little of security that they'd force you into a set of software that old. There's been many security holes found in just PHP alone since then.

 

There's no way a solution built on top of that provider's PHP installation is going to be PCI compliant, and I'd suspect the same is true about anything using ASP on that provider as well.

Aaron_Actual
Contributor
In response to jsargent3840

‎02-14-2018 09:33 AM

Copyright © 2024 Khoros, LLC