paypalfunctions.asp and expresscheckout.asp files
I'm hoping to find help, and if not help then a developer for hire who is proficient in Classic ASP and PayPal and can help me resolve this.
We have a Windows 2008 R2 Server running Classic ASP. We have been sandbox testing development for over a year now and recently all PayPal Express Checkout "posts" seem to have stopped and now when you click the buttons to take you to expresscheckout the screen goes blank. White. Returns absolutely nothing.
So this would mean that either PayPal seems to have stopped or changed the way its working with WinHTTP.WinHTTPRequest.5.1 or our server has somehow updated itself?
PayPal is using WinHTTPRequest.5.1 in Classic ASP for sending NVP's with its Express Checkout.
We are using Classic ASP with IPN notification with API Signature.
When On Error Resume Next is removed in paypalfunctions.asp I get the following error;
500 Error - Description: An error occurred in the secure channel support.
Error Code: 80072f7d. Line: 176
Adding
objHTTP.Option(9) = 128
to the WinHTTP Request and
response.write(nvpStrComplete)
returns
METHOD=SetExpressCheckout&VERSION=93&USER=sdk%2Dthree%5Fapi1%2Esdk%2Ecom&PWD=QFZ
CWN5HZM8VBG7Q&SIGNATURE=A%2DIzJhZZjhg29XQ2qnhapuwxIDzyAZQ92FRP5dqBzVesOkzbdUONzm
OU&L%5FPAYMENTREQUEST%5F0%5FNAME0=My Order&L%5FPAYMENTREQUEST%5F0%5FDESC0=My
Item&L%5FPAYMENTREQUEST%5F0%5FAMT0=4&L%5FPAYMENTREQUEST%5F0%5FNAME1=Handling
Fee&L%5FPAYMENTREQUEST%5F0%5FAMT1=0%2E42&PAYMENTREQUEST%5F0%5FPAYMENTACTION=Sale
&PAYMENTREQUEST%5F0%5FCURRENCYCODE=USD&PAYMENTREQUEST%5F0%5FAMT=4%2E42&RETURNURL
=http%3A%2F%2Fwww%mysite%2Ecom%2F%23paymentcomplete&CANCELURL=http%3A%2F%2Fwww%2
Emysite%2Ecom%2F%23paymentcancel&ALLOWNOTE=0&BUTTONSOURCE=PP%2DECWizard
This looks ok to me?
Does anyone know how I can workaround WinHTTP.WinHTTPRequest.5.1 using the paypalfunctions.asp standard output Wizard Integration code?
Or if not and this is no longer an option can recommend a professional and competent Classic ASP / PayPal developer so he/ she can work/ revise with our existing code?
Just to summarise the comments.
The error points to an issue with the secure channel which often is related to the wrong protocol being used to call the endpoint.
This does not mean that the WinHTTP.WinHTTPRequest.5.1 doesn't work it just means the wrong protocol is being used to make the HTTP request.
Due to the POODLE internet security vunerability in SSL 3.0 PayPal informed their users that support for SSL 3.0 would be disabled starting with the SandBox.
Quote from PayPal - Required security update
How is PayPal responding?
PayPal will completely disable SSL 3.0 support in a timeframe to be announced via PayPal Notify; however, based on security monitoring, we may need to move quickly to protect our customers so time is of the essence in making changes. Unfortunately, we realize shutting off SSL 3.0 may cause compatibility problems for a few of our customers resulting in the inability to pay with PayPal on some merchant sites or other processing issues that we are still identifying. To enable your assessment and potential remediation, we’ve put together this Merchant Response Guide to ensure your integration is secure from this vulnerability.
The workaround is to use TLS which should allow you to connect to the endpoint without a problem.
You can do this using the WINHTTP_OPTION_SECURITY_FLAGS with the Option property of the WinHttp.WinHTTPRequest.5.1 object.
'The WINHTTP_OPTION_SECURITY_FLAGS option
Const WinHttpRequestOption_SecureProtocols = 9
'Valid WINHTTP_OPTION_SECURITY_FLAGS option flags
Const SecureProtocol_SSL2 = 8 'SSL 2.0
Const SecureProtocol_SSL3 = 32 'SSL 3.0
Const SecureProtocol_TLS1 = 128 'TLS 1.0
Const SecureProtocol_TLS1_1 = 512 'TLS 1.1
const SecureProtocol_TLS1_2 = 2048 'TLS 1.2
You can then modify your WinHttp object (assuming the object is called winhttp) like so to switch the secure protocol;
winhttp.Option(WinHttpRequestOption_SecureProtocols) = SecureProtocol_TLS1_2
Note: Some versions of Windows Server do not support the SecureProtocol_TLS1_2 flag or may require an hotfix. It really depends on what version of winhttp.dll is installed on the system.
Useful Links
Classic ASP / IIS6 / Win2003 Server can't communicate with TLS server
WinHttp errors on option 9 / Win2008 / Classic ASP
WinHttpRequest object
Related
I spent the last day and a half researching this problem to no avail. I found many similar problems, but none that exactly address my issue. I am attempting to integrate Payflow Pro with transparent redirect, but cannot successfully complete a transaction. I am using the test environment with a test Payflow Gateway account.
I can successfully retrieve a secure token by posting the following from my test server to https://pilot-payflowpro.paypal.com:
PARTNER=[hidden]&VENDOR=[hidden]&USER=[hidden]&PWD=[hidden]&TRXTYPE=S&TENDER=C&CREATESECURETOKEN=Y&SECURETOKENID=20180916085333999&URLMETHOD=POST&SILENTTRAN=TRUE&AMT=2&BILLTOFIRSTNAME=John&BILLTOLASTNAME=Doe&BILLTOADDRESS=123TestDr.&BILLTOCITY=Testcity&BILLTOSTATE=TN&BILLTOZIP=55511&BILLTOEMAIL=johndoe#test.com&USER1=3&USER2=&USER3=0&USER4=2
to which I receive the following response:
RESULT=0&SECURETOKEN=[hidden]&SECURETOKENID=20180916085333999&RESPMSG=Approved
NOTE: I have configured a Return URL using PayPal Manager, which is why RETURNURL is not included in the secure token request. However, I also have tried with RETURNURL specified, and I have obtained the same end result.
I use the results from the secure token request to create a cc collection form. I input test credit card details using acct# 5105105105105100, then post the following from the browser directly to https://pilot-payflowlink.paypal.com:
fund_id=3&ACCT=5105105105105100&CVV2=555&EXPMONTH=01&EXPYEAR=20&EXPDATE=0120&SECURETOKENID=20180916085333581&SECURETOKEN=[hidden]&feeTokenID=20180916085333999&feeToken=[hidden]
The response is properly redirected to the Hosted Page error URL I have specified in my Payflow Manager Service Settings. My problem is that I do not understand why it is redirecting to the error url with the following message:
RESPMSG=Failed to connect to host Input Server Uri = https://pilot-payflowpro.paypal.com:443
NOTE: The value above is only one part of the response sent to the error page. The rest of the return values include information from my original secure token request, which I would assume could only be returned if a successful connection had been established with the link in the error message??
To clearly state the problem:
I have already successfully connected from my test server to the link specified in the error message, when first I obtained the secure token.
The post that results in the error message was sent from the browser (in this case, on the same physical box as my test server) to https://pilot-payflowlink.paypal.com, which is not the URL specified in the error message.
Finally, the error seemingly occurs during the Payflow process - to my understanding, there should not be a call from my server or the browser to the link in the error message at this point during the process. I mention this specifically to address the many search results I found relating this particular error message to PayPal's requirement for TLS1.2, which is already properly configured on my server (I should mention for the sake of completeness, I do still have TLS1.0 enabled on my test server, but cannot disable it for unrelated reasons. Nonetheless, I was able to successfully connect to obtain a secure token, and my server passes PayPal's own TLS test at https://tlstest.paypal.com/).
I should mention that I also have tried to complete this same transaction on our production server, still using test credentials and test endpoints at PayPal, with exactly the same results. The test server is also set up for TLS1.2 with TLS1.0 enabled, and also passes PayPal's test.
This problem may be the one that pushes me full-on into insanity, so any help really would be appreciated!!
Disabling TLS1.0 has helped others with this issue. If you keep having problems, contact PayPal's support
For anyone who might find this question and be similarly frustrated, I want to share that I was able to solve the problem by creating a new Payflow Gateway test account.
I spent a great deal of time on trial and error solutions with no success, and PayPal Merchant Technical Services was able to duplicate the problem but was also unable to find a solution. Finally, after simplifying my test app as much as possible (two bare-bones HTML forms filled in and submitted manually), I came to the conclusion that there might be something wrong with my test account. Upon creating a new account with new credentials, then inserting them back into my original code, everything worked perfectly.
As of this morning, PayPal MTS is continuing to research the problem, since others have reported similar issues.
For others with similar problems, it is worth noting that I am now able to complete transactions while TLS 1.0 remains enabled.
I tried finding an answer here but can not.
I've been using this code to process PayPal IPN for over a decade! Now, as of July 2018 it no longer works!
https://github.com/paypal/ipn-code-samples/blob/master/asp/paypal_ipn.asp
The only thing I know that is different recently is that PayPal required my domain to use TLS 1.2. I asked my hosting company to make sure that it now uses that, and they made some change to make sure. Ever since then, the listener I have set up does not process the IPN correctly. The code always falls into this IF:
if (objHttp.status <> 200 ) then
And never falls into this ELSEIF the way it used to when it was working fine:
elseif (objHttp.responseText = "VERIFIED") then
I'm not even sure how to troubleshoot this at this point. Is it something about the TLS 1.2? How can I make sure my hosting company set that up correctly?
Does my listener have to be located at an HTTPS url on my site? (Right now it is on HTTP).
Thanks.
In February, I got an email notice from Paypal that IPN would no longer validate successfully via an HTTP callback, and would further require HTTPS/SSL to validate. Update your script to connect this way, and it will probably fix it.
This PHP example should give a reasonable example.
Line 142:
" $fp = fsockopen("ssl://www.paypal.com",443,$err_num,$err_str,30);"
I had similar issues previously when connecting to Paypal on port 80.
I am trying to upgrade sage pay version from 2.22 to 3.00 and I am using Form Intergration to submit the values to Sage. The codes written VB. In 2.2, it was using "SimpleXor encryption algorithm", but that doesn't allowed in version 3.00 and as a result, I am getting the below error message:
This transaction attempt has failed. We are unable to redirect you back to the web store from which you were purchasing. The details of the failure are given below.
Status: INVALID
Status Detail: 5068 : The encryption method is not supported by this protocol version.
I found, version 3.00 allowed only AES encryption. Is there any sample AES encryption code to fix this issue?
Thank you in advance.
This has been asked before, and there are some really helpful posts under the sagepay tag, so I recommend having a look through those. There is also a classic asp example located here which you might be able to recycle (it originated in one of the old Sage Pay integration kits).
You will also need to check the fields you are sending over - addresses are now split over several lines, and some stuff that wasn't mandatory, now is.
Also note that test and live encryption passwords are different. You can get these from My Sage Pay if you log in under the main admin account.
And finally, if you get the 3045 'Currency' error, it's probably nothing to do with currency and more likely your encryption is wrong.
been trying to wrap my head around an issue I have with the IPN tester, not 100% sure if its my hosting company's problem or Paypal Developer 'beta' to be honest but my IPN's have worked fine on a few sites I have for atleast a year and now it doesn't on any of them. I've not changed anything and now im getting
IPN Delivery Failed:I/O error: www.mywebsitesname.co.uk; nested exception is java.net.UnknownHostException: www.mywebsitesname.co.uk
and none of my NotifyUrl.ashx handlers are working.
any ideas what this actually means in english? any more info. from me required to help you diagnose my issue?
#
AS AN UPDATE (27-08-2013), I thought I would try out the original C# SDK sample code from Paypal that I used to set up my IPN's with about a year or three ago (ie. it worked great with the IPN simulator). I have put it onto two different hosting companies servers to check its not an issue with a particular hosting server and my results using the IPN Simulator show "error 500: internal server error" for one and "IPN Delivery Failed:I/O error: www.ang##########.co.uk; nested exception is java.net.UnknownHostException: www.ang############.co.uk".
In short, I have the same identical sample file from Paypal (that used to work) in the root of each hosting companies servers and im using the same IPN simulator settings, with the exception of the IPN handler URL has the webaddress of the server followed by '/Handler.ashx' (which is the handler file) but i'm getting different errors.
Also to make this a bit more interesting, today I correctly received an IPN from Paypal to one of the same hosting server webaddress, with a 'transaction_subject : PayPal money request from xxxxxxxx' which was received and processed by my existing IPN handler (not the sample one from Paypal) and returned the correct info. to receive 'IPN Response: VERIFIED DateTime: 27-08-2013 19:05' so this got through and worked fine.
So in conclusion, I wonder if Paypal have either changed something and not informed the community or have an issue with their IPN simulator / CART IPN. If anyone can help or if a Paypal support engineer would like to work with me to try out some code, etc, please get back to me as I will keep trying to solve this but to be honest I see not what else I can do from my end as I've seen working IPN and a non working IPN simulator.
As extra info. here is an IPN Message as from my sandbox seller test account, that can't get through to my IPN handler on one of the same hosting servers (returns error 500) yet this used to get through and nothing has changed.
'mc_gross=2.75&protection_eligibility=Ineligible&address_status=confirmed&item_number1=BabyGrow2&payer_id=KHJGBQZNAFB7L&tax=0.00&address_street=1 Main St&payment_date=14:34:07 Aug 27, 2013 PDT&payment_status=Pending&charset=windows-1252&address_zip=95131&mc_shipping=0.00&mc_handling=0.00&first_name=Test&mc_fee=0.28&address_country_code=US&address_name=Test Buyer¬ify_version=3.7&custom=1csi4t45gy4gkz45r5r4t0ey&payer_status=verified&business=wow####gmail.com&address_country=United States&num_cart_items=1&mc_handling1=0.00&address_city=San Jose&verify_sign=AFcWxV21C7fd0v3bYYYRCpSSRl31A1fBAmiE5lcDRsQKQNaqoyQI7ucQ&payer_email=wow#######gmail.com&mc_shipping1=0.00&tax1=0.00&txn_id=8SG98957G0030294Y&payment_type=instant&last_name=Buyer&address_state=CA&item_name1=Baby Grow Age 0 - 1&receiver_email=wow#########gmail.com&payment_fee=&quantity1=1&receiver_id=8QRMB3QFHCL56&pending_reason=paymentreview&txn_type=cart&mc_gross_1=2.75&mc_currency=GBP&residence_country=US&test_ipn=1&transaction_subject=1csi4t45gy4gkz45r5r4t0ey&payment_gross=&ipn_track_id=7b4507c8c4313'
Still hoping we can resolve this soon.
Many Thanks.
Trev.
Asp.net / C# / HTML / CSS3
I am facing the same problem as seen in this http://forge.prestashop.com/browse/PNM-1165
It says this following message after I click on 'pay with paypal'
Error occurred:
Please try to contact the merchant:
PayPal response:
->
I don't know what to do T^T
Im using prestashop 1.5.4 and paypal module 3.5
There is one reply suggestion from Francois Gaillard added a comment - 29/Mar/13 9:29 AM
He said that
This issue occurs when your server IP has been blocked by the PayPal's API. If you are running share hosting environment the server can be banned blacklisted by PayPal.
Please, try to contact PayPal support they should be able to help you.
Let us know when you have more details please.
Thank you,
Kind regards.
That answer is incorrect in as much that we do not block IP addresses to our API endpoints without making the merchant aware.
It is correct, from our experience, that the above error occurs in PrestaShop when your server is unable to establish a successful HTTPS connection with our API endpoint.
I suggest you take a look at General troubleshooting - API timeout and run the tests provided in it.
Pay special attention to the AT&T block we mention in there, as we've seen a large number of API callers getting blocked at that level.
Unfortunately that block is beyond our control - but we've heard good reports of merchants getting in touch with AT&T and getting that block lifted (if confirmed to be blocked there).