Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Authorize.Net Technical Updates - implementing Akamai's technology

rob_illinois

By rob_illinois
in General Support

Recommended Posts

rob_illinois

rob_illinois

Posted
Posted

    Anyone hear about the new updates coming this year by June 2016 for Authorize.Net? Seems they are now going to use three new web urls, their SDKs have been updated to use the new URLs. The update will be completed by 6/2016, and thus sites will also need to be updated. Is there an update for this in the works some where?

 

 

Thanks

Link to comment
Share on other sites
John W

♥John W

Posted
Posted

This is easy to update in your authorize.net module.  You can update your links now and I've been using the new ones for several months without a problem.  Just find all of these links to the secure server and update them wiht the 2 behind secure like the second link here.  There are probably 3 references. 

https://secure.authorize.net/gateway/transact.dll

change to

https://secure2.authorize.net/gateway/transact.dll

 

If you need more help let me know.  Also, let me know which module you are using.

I'm not really a dog.

Link to comment
Share on other sites
Dan Cole

Dan Cole

Posted
Posted

@@John W  Thanks for the post John.  I received the notice about this too and it was nice to not have to think about what to do.   I made the changes you suggested to my authorizenet_cc_aim.php module.  As you suggested there were exactly 3 replacements to make.   I gather they will make the change to the url in June so there is really no need to do anything but it is nice to be out in front of this and not have to worry about any last minute changes or issues.  Hopefully they won't trash the secure2 url without notice at some point in the future.

 

Dan
 

Need help?  See this thread and provide the information requested.

Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here.

Link to comment
Share on other sites
John W

♥John W

Posted
Posted

@@Dan Cole  The secure2 links are active for quite a while now and they use the new Akamai routing, which is supposed to improve reliability.  My understanding is it improves reliabilty by more routing options to more servers and shortest routing options depending on our server location.  I did run into a problem over a year ago where a fiberoptic cable had been cut and I was unable to connect to Authorize.net on their old links for about an hour.  They posted about it on Twitter and had it fixed quickly at the time.  So, the Akamai system will prevent that.  It is important to know that the old links will stop working though so the changes must be done.

 

I also modified my Authorize module to output the actual Authorize.net errors to consumers instead of the generic ones that the stock module outputs.  They see the same error that comes in the debug email.

I'm not really a dog.

Link to comment
Share on other sites
John W

♥John W

Posted
Posted

I don't have the original but here is the last one minus the batch and trans number stuff which doesn't pertain.  The link to the Akamai info talks about the different links. I edited out my info.

I also dissabled RC4 server wide over a year ago and completely dissabled SSL3. 

 

Authorize.Net Technical Updates

 

Over the next few months, we are making several updates to our systems that you need to be aware of. They are all technical in nature and may require the assistance of your web developer or shopping cart/payment solution provider.

Please read this email carefully, and if you need to find a web developer to help you, please check out our Certified Developer Directory at www.authorize.net/cdd. Akamai SureRoute Reminder As we get further into 2016, we want to remind you of our previously announced Akamai SureRoute implementation plan and timelines. Using Akamai's technology will help safeguard against interruptions caused by issues beyond our direct control, such as Internet congestion, fiber cable cuts and other similar issues.

If you have not already, please review the announcement and the Akamai FAQs to determine what action you should take for your particular solution. If your solution uses a firewall, please pay particular attention to this section of the FAQs to make sure you avoid any disruptions to your transaction processing.
RC4 Cipher Disablement In an effort to ensure that all of your server-to-server communications with the Authorize.Net platform (both transactional and otherwise) maintain the highest levels of security, we will be disabling the RC4 cipher suite during the first half of 2016. A follow-up notification will be sent out once specific dates for the disablement are ready for the sandbox and production environments.

For now, if you have a solution that relies on RC4 to communicate with our servers, please update it to a current, high-security cipher as soon as possible. Please review our API best practices blog post for more information.

Sincerely,
Authorize.Net

I'm not really a dog.

Link to comment
Share on other sites
John W

♥John W

Posted
Posted

I just reread the Akamai info and the old links will stay working and do not have to be changed.  The new links just take advantage of the Akamai system now. 

 

THis is what I keyed onto originally.

"IMPORTANT: To take advantage of the uptime benefits Akamai offers, we recommend you proactively update your website or payment solution during Phase One rather than waiting to be automatically updated during Phase Two."

I'm not really a dog.

Link to comment
Share on other sites
Dan Cole

Dan Cole

Posted
Posted

I just reread the Akamai info and the old links will stay working and do not have to be changed.  The new links just take advantage of the Akamai system now. 

 

THis is what I keyed onto originally.

"IMPORTANT: To take advantage of the uptime benefits Akamai offers, we recommend you proactively update your website or payment solution during Phase One rather than waiting to be automatically updated during Phase Two."

 

That's why I expressed concern about changing them and not getting notice if they eliminate the secure2 url in the future.

 

Dan

Need help?  See this thread and provide the information requested.

Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here.

Link to comment
Share on other sites
John W

♥John W

Posted
Posted

From what I can see, the secure2 will keep working also.  Once they put them into their DNS servers, they can leave them there.  They make no statements the the secure2 are temporary.  I don't remember if they had a good reason for not just switching it over to the akamai right away.  

I'm not really a dog.

Link to comment
Share on other sites
John W

♥John W

Posted
Posted

I just read through the Akamai FAQ and it suggests changing right away, but doesn't mention having to change back.  All they do is add a DNS listing for secure2 and they don't have to ever remove it.  Look through the link to the FAQ above and see what you think. 

I'm not really a dog.

Link to comment
Share on other sites
Dan Cole

Dan Cole

Posted
Posted

@@John W  Not sure John...I would just be guessing...I don't think they really addressed it and perhaps didn't even consider it.  In any case I might change it back later or just hope they leave it in place or give us some notice if they decide to stop using the secure2 url.   If I had a contact there I might be inclined to ask.

 

Dan

Need help?  See this thread and provide the information requested.

Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here.

Link to comment
Share on other sites
John W

♥John W

Posted
Posted

@@Dan Cole  Just to be sure, read through the developer forum on Testing and Implementing Akamai and someone specifically asked if the secure2 will continue to work and it will.  That's how I understood it but better safe than sorry.  All links, old and new will continue to work, but old links will not route through Akamai until June.  Seems some people behind firewalls and other setups have/had problems that had to be cleared up.  Read through and the Q&A is on page 3 towards the bottom.

I'm not really a dog.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...