I'm trying to add PayPal payments in a Prestashop (v1.7.3) store using the PayPal & Braintree Official Module (v3.11.6), but until now without success.
Installed and configured the module without any problems, but every time i proceed with a payment this error is displayed to the user:
Tested the module in both sandbox and production environments, and the error still persists.
What can be the problem?
UPDATE: After some debugging i found the origin of the problem. The problem is that the module is unable to connect to PayPal's API via cURL with SSL/TLS.
I'm using Prestashop in Windows Server with IIS, and in this environment cURL has to be informed where the certificate authority is located in order to establish a secure connection.
I downloaded the cacert.pem file from curl website, stored it in my server and then, in module files (PPHtmlConfig.php) i added the CA location in the cURL options settings manually:
CURLOPT_CAINFO => 'C:\\(...)\\cacert.pem',
Now i'm able to connect to PayPal's API and successfully make a payment!
I've contacted the module's tech support team and they are analysing this issue.
After several contacts with the module tech support, this is their final response to the issue:
We do not know the specialty of your server. This is not a recurring
error in our module. It happens if the CURL can not find the CA
certificate. In general, we advise you to ask your server to verify
that the CA certificate is correctly configured. Otherwise, it is
necessary to specify the route or curl to find the certificate, for
example, as you did in your module.
At the moment there is no way to specify this in our module in
general. So, you should wait for the next update of our Paypal module.
So, if someone comes across the same issue when using a Windows Server environment, specify the complete CA path in the module files (as explained in the question update):
I downloaded the cacert.pem file from curl website, stored it in my
server and then, in module files (PPHtmlConfig.php) i added the CA
location in the cURL options settings manually:
CURLOPT_CAINFO => 'C:\\(...)\\cacert.pem',
Related
Is it possible to have Wazuh Manager served through custom SSL certificates? The wazuh-certs-tool gives you a self cert, and every other way to get it served through SSL has failed.
The closest I've gotten to getting this to work is I've had the dashboard being served by a custom SSL, I had agents connecting to it successfully and providing a heartbeat, but had zero log flows or events happening. When I had it in this state, I saw the API calls were coming from what appeared to be a Java instance, erroring out complaining about receiving certificate. I saw a keystore file located at /etc/wazuh-indexer. Do I also need to add the root-ca cert here as well?
It seems that your indexer's excepted certificates do not match the certificates in your manager or the dashboard.
If you follow the normal installation guide, it shows how and where to place your certificates, that are created using the wazuh-cert-tool. But, certificates can be created from any other source, as long as they have the expected information, you can check that informationenter link description here here.
I would recommend you follow the installation steps in the installation guide, from scratch to make sure you copy each excepted certificate in it's place and that the configuration files for your indexer, dashboard, and manager take into account the correct files. All you would need to change, the creation of the certificates, to have your own custom certs.
In case of further doubt, do not hesitate to ask.
As requested by Preston PHX, I uploaded a full copy of my
code to Dropbox:
My test ASP.NET Web App
I hope this helps someone to identify what I may have done wrong
#####################################
I am trying to use the sample code at https://github.com/paypal/Checkout-NET-SDK/tree/develop/Samples to make contact with the Sandbox but it doesn't work for me. In order to find out why, I ran my code in Visual Studio under Localhost in debugging mode, using several breakpoints.
This line of code in my test page ...
var createOrderResponse = CreateOrderSample.CreateOrder(true).Result;
... displayed the following error:
Inner Exception 2:
HttpException: {"error":"invalid_client","error_description":"Client Authentication failed"}
However, it was the environment function in PayPalClient.cs (modified to use my PAYPAL_CLIENT_ID and PAYPAL_CLIENT_SECRET) that appears to have generated the error:
public static PayPalEnvironment environment()
{
return new SandboxEnvironment(
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_ID") != null ?
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_ID"):"<<PAYPAL-CLIENT-ID>>",
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_SECRET") != null ?
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_SECRET"):"<<PAYPAL-CLIENT-SECRET>>");
}
I very carefully copied my PAYPAL_CLIENT_ID and PAYPAL_CLIENT_SECRET from the REST API app I created via the PayPal Developer Dashboard. Apart from that, the GitHub sample code has not been modified. I could see no requirement in the GitHub code to specify a Sandbox URL and assume that this is provided by the PayPalCheckoutSdk via the use of "return new SandboxEnvironment()".
It's not obvious to me why my attempt to connect to this Sandbox account is failing the authentication process. What might I be doing wrong? Is it anything to do with my use of Localhost?
EDIT on 1 Nov 2021 in response to Preston PHX
Creating a new Sandbox Client ID and Secret made no difference. Prompted by another forum post I read some time ago, I also tried using ngrok (for the first time) to open http port 80 to facilitate PayPal testing via Localhost, but the connection to the Sandbox still failed authentication.
Sandbox Client ID: AZcb8XrqhJEUO7lS_JtKSe3sdNDLESmo3ekhupDKTL1J9vQCKVOzacCjO3PBQwSfngYkLGa-qS7EUrGV
Secret:
EBEcuPewHdzCB8p0qE1Yszjk2eMyFCstzkL0Diz2WC5IQREsu6cDHr7yFG9a-GDIyljb-KRb2DA6Hoey
I installed curl (plus Bash and Git) on my Windows 10 PC and ran the curl command specified on the get-an-access-token page. I couldn't find a way to post the result here in an easily readable form so I put it in a Word doc and uploaded that to Dropbox.
https://www.dropbox.com/s/knia3y2ighfzxpa/Result%20of%20PayPal%20curl%20command.docx?dl=0
Edit on 2 Nov 2021
As requested by Preston PHX, I have uploaded a copy of the ASP.NET Web App I have been using for my tests to Dropbox.
https://www.dropbox.com/sh/4uclfs2lexv4v42/AAAjoZIN5cEMV1mu0cYi24zKa?dl=0
I've only uploaded the project folder, as I'm guessing that it is unnecessary to upload my Solution files.
Create a new sandbox client ID and secret in the developer dashboard. Test with the new client ID and secret.
If issues persist,
Update your question with both the new sandbox client ID, and the new sandbox secret.
Update your question with a sample curl command to get an access token, showing the entire command and the entire response in your question.
We have recently migrated to a new hosting environment so have installed a fresh instance of Shibboleth. When we generate sp metadata files, the urls are non-secure (ie http) even though the url used to generate the metadata uses https.
When using the test connection from our own Azure AD system, we see the obvious error: "The reply URL specified in the request does not match the reply URLs configured for the application:"
I have limited knowledge of configuring the system beyond working on shibboleth2.xml and attribute-map.xml so would be very grateful if anyone can point me in the right direction to fix this.
I'm not sure if you managed to configure it but i'm currently working on this as well, and i think i can help.
So the ReplyURL you need to provide in the Azure Portal, is the reply URL that accepts the authentiaction reply message from the identity provider.
In the case of Shibboleth it is:
http[s]://yoursitename/Shibboleth.SSO/Auth/Saml
So if your webpage is for instance:
https://localhost/Foo
The replyURL should be:
https://localhost/Shibboleth.SSO/Auth/Saml
Notice that the page "Foo" is not in the replyURL.
After the authentication the browser should send the IDP reply to https://localhost/Shibboleth.SSO/Auth/Saml, after which Shibboleth should redirect you back to https://localhost/Foo
At least that's the default behaviour.
Recently, 2-SSL verification was added to the server I'm working with.
Up until now I've used Advanced REST Client for server's REST API (mostly GET calls).
Since the SSL change, I'm getting 0 NO REPONSE ERROR:
How can I add SSL certificates to my GET calls? (I do have the .cnf & cacert + cakey files)
From the bug tracker, you can go to the page in your web browser and select 'Proceed Anyway'. After doing that my REST calls went through fine.
Advanced REST Client extension in recent upgrades has resolved this issue , with additional add on ARC Cookie exchange
Link https://chrome.google.com/webstore/detail/arc-cookie-exchange/apcedakaoficjlofohhcmkkljehnmebp
We're just going live with the Intuit API feature on our live application. We finished the last step of the process by uploading the X.509 certificate signed by Comodo PositiveSSL CA. Though our production access status shows up as ready now, we are having a problem using the production OAUTH credentials. We get an unauthorized exception using these credentials. The development OAUTH credentials work fine though. We also tried using Thawte SSL 123 but no luck even with that.
Also, the actual expiry date of the X.509 certificate, we uploaded is 16-Mar-2014 but when we upload this to the Intuit settings page, it shows expired (0/1/1). Please advice.
Adding the update here to this question- issue was with pointing to the wrong PFX file.