On the older Aim modules http://addons.oscomm....com/info/5662
they had the code below that was removed.
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
It's been a few years or more, so I don't remember exactly. There were post on Authorize.net and I beleive on their github too. There were at least a few different processor modules using this as standard until it was pointed out that this setting created a security hole and was dissabling security built into curl. But, once this was changed then the certificates have to be kept up or it can't verify the peer. You can search around and find more info on it but i don't remember exactly what they called the exploit. I only use this module and I've poured through a lot of the A.net stuff so it sticks out for me.
- Bobber likes this