I am trying to set up Paypal on my site, the problem is that I am currently OVH has 0.9.8o version of OpenSSL, or it appears that Paypal is required from version 1.0.2 to run.
The error comes from line 2:
if($this->getParameter('paypal_sandbox') == true)
$fp = fsockopen('tls://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
else
$fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
This is error return :
"Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure"
Besides, I also want to know if for line 4 must use it well "ssl://" or does it put "tls://" as for the sandbox environment ?
Thank you !
Related
I have a perl code that sends SOAP request through SOAP::Lite like this:
eval
{
$sresp = SOAP::Lite
->uri('http://machine/key')
->proxy('https://usr:pwd#website.com/addr/addr/remotescript.pl')
->remotescript_pl_function(#parms, $gmtime);
};
if ($#)
{
print $#;
}
After existing certificate for *.website.com has been replaced I am not getting valid responses anymore, I am getting
500 Can\'t connect to website.com:443 at localscript.pl line 123.
If I enable
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
everything works. But I would like to verify the SSL hostname, how can I do that, or track down the problem? (I am a little lost in this proxying).
I have c++ code with libcurl that goes along the same lines and works well. Entering https://website.com into browser works fine. Entering http://machine (machine is on local network) works.
edit 1:
Both perl -MIO::Socket::SSL=debug4 yourscript.pl and analyze-ssl.pl from p5-ssl-tools show error message 1416F086 which lead me to information that SSL certificate has "Chain issues" that have to be fixed in certificate installation.
edit 2:
After fix of the certificate is the error gone! Perfect, solved!
Here is solution mentioned in comments by Corion and Steffen Ullrich:
Running either:
https://github.com/noxxi/p5-ssl-tools script analyze-ssl.pl
perl -MIO::Socket::SSL=debug4 yourscript.pl
displayed same error: SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed. This pointed me to: telegram bot SSL error: SSL error {error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed} where I found that I too have "Chain issues Incomplete".
After fixing certificate the error is gone.
I am currently trying to connect to a gmail inbox using Perl and
Net::IMAP::Client
with the following code
use strict;
use warnings;
use Net::IMAP::Client;
my $user = '[address]#gmail.com';
my $pwd = '[password]';
my $imap = Net::IMAP::Client->new(
server => 'imap.gmail.com',
user => $user,
pass => $pwd,
ssl => 1, # (use SSL? default no)
ssl_verify_peer => 0, # (use ca to verify server, default yes)
port => 993 # (but defaults are sane)
) or die "Could not connect to IMAP server: $_";
$imap->login or
die('Login failed: ' . $imap->last_error)
But the $imap variable is undef and I am getting this error:
Use of uninitialized value $_ in concatenation (.) or string at testIMAP.pl line 9.
Could not connect to IMAP server: at testIMAP.pl line 9.
I have successfully connected to the mailbox using Outlook, but as I'm not getting an error message I'm not sure where to look. Does anyone know what I'm doing wrong here?
A big thanks to zdim for help troubleshooting.
Firstly, zdim pointed out that I had the incorrect error variable. $_ should have been $!
This revealed the error message "Network is unreachable", however I was able to pint and telnet to 'imap.gmail.com' successfully.
The solution to this was found here
Perl IO::Socket::SSL: connect: Network is unreachable .
Changing the use statement in the Net::IMAP::Client module to the following worked:
use IO::Socket::SSL 'inet4';
After this, the connection was established, but the login would fail with
Login failed: [ALERT] Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure)
This is due to Gmail's security features. I received an email that allowed me to confirm that the connection was not malicious, and then subsequent logins were successful.
For others, there may be a few solutions to this last one. You may need to issue an 'app password' If two-step authentication is activated, or you might need to toggle on 'allow less secure apps'
I am trying to connect to the PayPal IPN over regular HTTP for testing purposes and I cant get my PHP script to connect. I dont have an ssl cert installed so any attempt at using ssl with port 443 fails. Here is my attempt to connect over HTTP:
$fp = fsockopen('www.sandbox.paypal.com', 80, $errno, $errstr, 30);
The response ends up coming back like so:
HTTP/1.0 302 Found
Location: https://www.sandbox.paypal.com
Server: BigIP
Connection: close
Content-Length: 0
I have read that with the new SHA-256 requirements, PayPal will still allow connection over http so am I doing something wrong or is my information incorrect?
PayPal has stopped acceptting HTTP 1.0 on IPN endpoint, you should change HTTP/1.0 to HTTP/1.1
I use Net::SMTP::SSL to sent email in Perl, and got "454 Error: authentication failed"
Here is my code:
use Net::SMTP::SSL;
$smtp = Net::SMTP::SSL->new($smtp2, Port => $smtp_port2, Timeout => 10, Debug => 1);
$smtp->auth($login2, $password2);
$smtp->mail($login2);
$smtp->to($to);
$smtp->data();
$smtp->datasend("To: $to\n");
$smtp->datasend("From: Aspiring error email \n");
$smtp->datasend("Date: $today\n");
$smtp->datasend("Subject: $subject\n");
$smtp->datasend("\n");
$smtp->datasend($message);
$smtp->dataend();
$smtp->quit;
And i got these message:
Net::SMTP::SSL=GLOB(0xf9ab80)<<< 454 Error: authentication failed, system busy
It seem i failed to auth, and i am sure the username and pw is correct.
Thanks so much!!!
454 Error: authentication failed, system busy
These are temporary problems.
The mail server is probably not doing local verification of the password, but is using an external system like a Radius or LDAP server, and the connection to this authentication system failed. Just try again later and hope that the problem got resolved.
If the credentials were wrong the server would have send a 535 status code.
See also the status codes in RFC4954.
I have meet a big problem when I was doing developing about Apple Push Notification Service.
I wrote a PHP script(apns.php) which will use a PEM(ck.pem) file as security certificate and build a SSL connection to APNS when I post a HTTP request to it, but it always failed when it tried to connect the service port ( ssl://gateway.sandbox.push.apple.com:2195). The PHP script is deployed on a Linux Hosting of GoDaddy (it should support SSL).
I have already registered to be a member of iOS developer program,and I have registered the apple push notification service for my application. And I have generated a certificate file and a key file (cert.p12 and key.p12) from Keychain Access and translate them into PEM files(cert.pem and key.pem) and join them into one(ck.pem) and put it in the same directory of PHP script .
I want to know if there is something wrong I did ! Would you refer to the attachment of the files that you may need?
Thanks very much!
The HTTP request is something like below.
http://www.insidertracker.net/apns/apns.php?message=&badge=2&sound=received5.caf
The response message of my request is below:
Warning: stream_socket_client() [function.stream-socket-client]:
unable to connect to ssl://gateway.sandbox.push.apple.com:2195
(Connection refused) in /home/content/40/6967940/html/apns/apns.php on
line 25 Failed to connect 111 Connection refused
The PHP script:
<?php
$deviceToken = '0535dda1 6fd04e87 ed0a8194 d418a6c1 99eec462 8a871891 d062018d c6af4f99';
$pass = 'Php1234'; // Passphrase for the private key (ck.pem file)
// Get the parameters from http get or from command line
$message = $_GET['message'] or $message = $argv[1] or $message = 'You have an important message from InsiderTracker';
$badge = (int)$_GET['badge'] or $badge = (int)$argv[2];
$sound = $_GET['sound'] or $sound = $argv[3];
// Construct the notification payload
$body = array();
$body['aps'] = array('alert' => $message);
if ($badge)
$body['aps']['badge'] = $badge;
if ($sound)
$body['aps']['sound'] = $sound;
/* End of Configurable Items */
$ctx = stream_context_create();
stream_context_set_option($ctx, 'ssl', 'local_cert', 'ck.pem');
// assume the private key passphase was removed.
stream_context_set_option($ctx, 'ssl', 'passphrase', $pass);
// connect to apns
$fp = stream_socket_client('ssl://gateway.sandbox.push.apple.com:2195', $err, $errstr, 60, STREAM_CLIENT_CONNECT, $ctx);
// $fp = fsockopen('ssl://gateway.sandbox.push.apple.com:2195', 2195, $err, $errstr, 30);
if (!$fp) {
print "Failed to connect $err $errstr\n";
return;
}
else {
print "Connection OK\n<br/>";
}
// send message
$payload = json_encode($body);
$msg = chr(0) . pack("n",32) . pack('H*', str_replace(' ', '', $deviceToken)) . pack ("n",strlen($payload)) . $payload;
print "Sending message :" . $payload . "\n";
fwrite($fp, $msg);
fclose($fp);
?>
It's my understanding that GoDaddy prohibits outgoing connections on exotic ports (anything other than 80 a perhaps a few others). You're probably out of luck trying to roll your own push service hosted on GoDaddy. I have had luck doing what you're attempting with bluehost.
For general advice on developing a push service in PHP, these two articles were invaluable: One Two
I also got this error. Following things you have to remember:
Path of ios push cert file should be correct. Check on online portals using device token and push cert.
Your server is enabled for 2195 port. Check on terminal by using telnet command.
Check ssl supported by your php version if using ssl://gateway.sandbox.push.apple.com and tls if using tls://gateway.sandbox.push.apple.com
The data you are sending in the push or token etc should be equal or less than the specified bytes mentioned in the apple doc. link is mentioned below.
You can also use api get reference for sending push Development server: api.development.push.apple.com:443 Production server: api.push.apple.com:443
https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/CommunicatingwithAPNs.html#//apple_ref/doc/uid/TP40008194-CH11-SW1