I have been working for quite some time on a website that highly depends on Paypal working properly on it. Without it, it is really useless.
Around 1 in the morning my time (I am at CET timezone) everything working perfectly, I polished up the code, functions and it was working as it should. I made triple checks before I went to sleep that everything works as it should.
I wake up in the morning and nothing that has to do with Paypal actually works. A little bit of an explanation of what I am using before I show you the actual code and error. I am using Express Checkout and Paypal Adaptive Payments SDK.
I have a few "virtual" accounts that I made on developer.paypal.com in order to simulate facilitator (owner) and buyer interaction since I have scenario when owner gives money to ther user and visa versa. Anyhow they both worked perfectly and now they both throw this error (in Adaptive Payments SDK, it tells me in which line of code is a mistake and in Express Checkout since that is code that is done via documentation it does not show in which file the error is but it is the same error):
'error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure'
Now after I saw this post https://devblog.paypal.com/poodle-ssl-3-0-vulnerability/ that you just disabled SSL totally, I realized that the problem is in that actually. You want your users to use TLS now which is totally fine. I triple checked that my server has TLS enabled and it does and I changed (for over a million times already) my config settings to use that TLS in cURL (since I am using PHP) by doing something like:
curl_setopt($ch, CURLOPT_SSLVERSION, 1); (this is how it looks like in Express Checkout and in Adaptive Payments it is just an associative array , but it is really the same thing in both)
I also found somewhere and in your advices to actually update my api credentials. I did that. I went to paypal.com -> API and then clicked update which worked, but then I noticed that on my developer.paypal.com account where I have a few of virtual accounts nothing has changed. Should I update those manually or what?
Edit:
This was sent to Paypal support and I was really in a hurry and could not write the entire thing again, so sorry about that! Issue is fixed thanks to anyone who actually took time to read it.
The issue was fixed with the adding CURLOPT_SSL_CIPHER_LIST => 'TLSv1' to my PPHttpConfig.php file! :)
Try add
CURLOPT_SSL_CIPHER_LIST => 'TLSv1'
to your PPHttpConfig.php file. I had the same issue with you and spent hours to find the solution. This worked for me.
One of the reasons for this error is older version of PHP and OPENSSL for e.g. PHP 5.3.5 will cause this error.
Solution, update the PHP (recomended >= 7).
This comes up when searching for Magento Error:14077410:SSL Routines:SSL23_GET_SERVER_HELLO:sslv3 Alert Handshake Failure! If you are trying to solve that, here is the link to the guy who originally solved the issue along with a downloadable patch: https://www.dwdonline.com/blog/fix-magento-error14077410ssl-routinesssl23_get_server_hellosslv3-alert-handshake-failure.html It's the same error - just in another software package.
I've had the same problem.
My server is an old version of Ubuntu 12.04
Check sertificates
echo "All certificates in ca-certificates.crt, listed by subject, check for presence of VeriSign's 'Class 3 Public Primary - G5':"
awk -v cmd='openssl x509 -noout -subject' '/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt | grep "G5"
I updated openssl.
sudo apt-get install openssl
I could updated curl only by this instruction.
http://pavelpolyakov.com/2014/11/17/updating-php-curl-on-ubuntu/
curl 7.47.1 version
And I updated libcurl.
http://juniway.blogspot.com/2015/12/curl-48-unknown-option-was-passed-in-to.html
Related
So I've been using Apple's createPushPackage.php script they provide in their Configuring Safari Push Notifications guide to generate and sign my push packages (edited slightly to use an intermediate cert). It works just fine for me with the old AppleWWDRCA intermediate cert that expires in Feb 2023, but when I try to use the new AppleWWDRCAG3 intermediate cert that expires in 2030, I always get a {"logs":["Signature verification of push package failed"]} error (delivered via webhook) when a user tries to subscribe.
Here is a gist of the createPushPackage.php script I'm using
The same exact issue happens as well when I try to use this Ruby library to generate the push package zip and signature: it works just fine with the old intermediate cert, but I get the same error if I try to use the new one.
Any idea what could be going wrong here, and how to fix it??
EDIT: I noticed that the latest version of Apple's PHP script doesn't involve an intermediate cert at all! I thought this was an oversight at first, but after trying it, everything actually works just fine! I'm worried if this is a future-proof solution though, the Apple Guide explicitly states we have to sign with the intermediate cert. Or perhaps the intermediate cert is already included with the cert we download from the Apple dev center these days? Could anyone help with the commands to check that?
I'm using PayPal-PHP-SDK Package. When I go live, some of my customers (not everyone) are telling me they see an error after the payment (when I try to execute).
I tested the execution in my localhost (WampServer) and it worked. It's not a problem in my credentials because the payment itself worked. The method I use is paypal. What can cause this error?
You might be getting an error of two possible reasons.
You didnt change the clientId and Secret of Live Environment. You should be able to find one on the developer dashboard.
You have not change the mode to live instead of sandbox in your configuration.
In very rare cases, you dont have the permission in live to accept payments.
You can follow instructions here about Going Live.
I have set up a simple Wordpress site with an order form but I'm struggling to get the site to recognise Sage Pay.
I've been following the initial instructions in the PHP integration kit - http://www.sagepay.co.uk/support/find-an-integration-document/direct-integration-documents:
Create a database and add the necessary tables.
Edit the /lib/config.php and the /demo/config.php to include my Sagepay Account and database details
In the test server for Sage Pay I also added the IP address of my site as an exception.
Every time I run the https://mywebsite.com/demo it returns the error:
Ooops!!!
An unexpected error seems to have occurred.
Try to refresh the page or you can contact us if the problem persist.
This is pretty early on in the but I seem to be doing something wrong. Is there something else that needs edited as the instructions are frustratingly vague.
Would I be better just using a Sagepay Direct plug in with Wordpress e-commerce solutions?
Thanks.
I am also a currently frustrated Sagepay learner. To asnswer you question, I had this problem too. My problem was that i had the database details incorrect. I had my local host details on my test environment, and i had not changed the details correctly in demo/config.php before ftp the file to my webserver. Once i did this, i got over the oops screen. The next problem was that i got a blank screen when running index.php from demo. I was told by sagepay that apache needs restarting as a service everytime somethingortheother happens. So on my local environment i restarted all services in wamp and it worked. I can now see the demo (not that i know what to do now as there are no instructions and the php is hidden in a complex class structure with the html content in some tpl files which i have never seen before - of course there are no instructions in the integration kit at all). Anyway back to the answer. So locally i can run the demo, but i still have white screen on my webserver, becuase i can't restart the apache service there, so that is the next problem. I will keep trying and add anything useful later.
I also had this problem, I had not given the database user account the necessary permissions to access the database.
Is the CURLOPT_CAINFO in the curl_setopt_array for PayPal in order for 'live' mode to work?
So basically what im asking is do we have to have SSL in order for PayPal live mode to work, because my script i have made works in sandbox, updates my db how i want it, but only in sandbox, not live. Im not wanting to post my script here I'll open a new thread for that, im just asking a general question so hopefully it will help me, or others in the feature, i searched Google and couldn't get a solid answer.
Have a great day!
As of using curl to make connection to Paypal, if Paypal does allow plain http connection, sure you don't worry about SSL. In that case, answer to your REQUIRED question is NO. But as you see, it depends on the service you are talking to. Let's say Paypal only allows https for production server, then you have to deal with SSL, either by ignoring it or set correct cert path. Both have to be done in set_opt. And here is another qa for this:
Source of PEM files for web service access
I am new to the whole button encryption with paypal. It seemed like all I had to do is what is explained on this page http://www.stellarwebsolutions.com/en/articles/paypal_button_encryption_php.php
but it seems more like than just a plug in play. Seems as though I need Open SSL. I use hosting and don't know if I have the right to install Open SSL on my server or should I just get SSL in the first place since I will be using it in the next couple of months. Currently I have a apache server with cpanel. Any advice would be great. Thank you in advance.
This can be a bear to install and get working with your PHP code. The workaround is to not encrypt, but use a hash to detect tampering, and then reconfirm the hash when the IPN is processed. I explain this here:
How do I make a PayPal encrypted buy now button with custom fields?