Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Cannot make TLS 1.2 work


eaglik

Recommended Posts

Hello

Looking for some wisdom if anybody is able to help

I am running OSC V2.3.4

I received email from paypal saying TLS 1.2 is not setup / working properly and action is needed.

Webhosting company assures me that their servers support TLS 1.2

Report is here https://www.ssllabs.com/ssltest/analyze.html?d=kauto.co.uk  ( I do not understand it all by any means but it looks to me as if it is supported )

using the test connection button in the latest paypal add on I get

cURL Version: 7.53.0
cURL SSL Version: OpenSSL/1.0.2k

Default Setting: Failed
TLS v1.2: Failed

A connection to PayPal could not be made using TLS v1.2. Please consult with your hosting provider to upgrade the cURL version that is installed with your PHP web server to support TLS v1.2 connections.

Hosting company assures me they support and their other customers do not have problems with this.

Paypal just seem to ignore any messages from me asking for pointers of what to do next

 

Anybody got any clues or wisdom to pass on what else I can do to make this work or why it may be failing.

I am not a programmer but can generally find my way around the OSC files and make edits etc if somebody can tell me what to do

 

Any help will be greatly appreciated

Thanks

Kevin Eagling

KEE Automotive Ltd

Link to comment
Share on other sites

When you go to Admin / Tools / Server Info

what php version does it report?

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

Copied and pasted 2 minutes ago

 

Server Information

pixel_trans.gif
Server Host: www.kauto.co.uk (77.104.180.146)      Database Host: localhost (127.0.0.1)
Server OS: Linux 3.12.18-clouder0      Database: MySQL 5.6.36-82.1-log
Server Date: 2018-04-16 11:42:09 +0100 BST      Database Date: 2018-04-16 11:42:09
Server Up Time:  
pixel_trans.gif
HTTP Server: Apache
PHP Version: 5.6.35 (Zend: 2.6.0)

Thanks

Kevin Eagling

KEE Automotive Ltd

Link to comment
Share on other sites

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

You should test your site using ssl labs. The result should be at least an A and under configuration only TLS 1.2 should be enabled.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Sorry I am probably being very stupid here

 

On the weblink it refers to a new paypal certificate and shows all kinds of key strings for the certificate

How do I install this ?

When I view the original certificate ( paypal.com.crt ) on my PC it just shows as being a certificate rather than a file with all the cert details and keys in it.

Is this something I have to install or just copy/paste somewhere

Thanks

Kevin Eagling

KEE Automotive Ltd

Link to comment
Share on other sites

1 hour ago, eaglik said:

it is reporting as being " A " result, so I guess that is OK

The important part is what it shows for TLS. Is TLS 1.2 the only one enabled? If not, ask your host to remove the others. They have to by June anyway so they shouldn't complain about it.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

1 hour ago, eaglik said:

Sorry I am probably being very stupid here

 

On the weblink it refers to a new paypal certificate and shows all kinds of key strings for the certificate

How do I install this ?

When I view the original certificate ( paypal.com.crt ) on my PC it just shows as being a certificate rather than a file with all the cert details and keys in it.

Is this something I have to install or just copy/paste somewhere

They're saying they just overwrote the one in ext/modules/payment/paypal with the attached

paypal.com.crt

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

The certificate in ext/modules/payment/paypal needs to be updated.  It's missing the two on the bottom at this link.

https://raw.githubusercontent.com/paypal/TLS-update/master/php/cacert.pem

I've been running paypal for a while and I was able to process orders but it was showing failed on the test.  Once updated, it shows success.  In the past, I had successful tests.

I'm not really a dog.

Link to comment
Share on other sites

6 minutes ago, John W said:

The certificate in ext/modules/payment/paypal needs to be updated.  It's missing the two on the bottom at this link.

https://raw.githubusercontent.com/paypal/TLS-update/master/php/cacert.pem

I've been running paypal for a while and I was able to process orders but it was showing failed on the test.  Once updated, it shows success.  In the past, I had successful tests.

The one I posted has this done for you, just copy it into the folder...

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

John

That link for the new certificate simply over writing the old one in OSC worked a treat.

I now get 2 green results in the paypal test feature so hopefully this will keep them happy.

Thankyou so much for all your help

Thanks also go to Jack and John W

Thanks

Kevin Eagling

KEE Automotive Ltd

Link to comment
Share on other sites

great stuff!

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

  • 2 weeks later...

Hi,

I've been getting problems this week, I've found this info from Paypal, but will the above fix work for me? I have no idea how to update the buttons!

 

re: Things don't appear to be working at the moment. Please try again later.

 

After contacting PayPal support by email they told me this:

We have recently upgraded our security certificate at PayPal.  This has caused some PayPal buttons to stop working.  Please re-create your button and copy and paste the new HTML code on to your website.  This will resolve  the issue.

Re-creating the buttons fixed it.

 

 

 

 

 

Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Link to comment
Share on other sites

@zefeena what version of osommerce are you using? Are you using the paypal app or the old separate modules?

The buttons stuff is not relevant to osc

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

Hi,

I'm using the app. I added those last two parts of the certificate from the link above and then tested the SSL connection and it said passed, whereas previously it said failed, so I'm hopeful that means its now working.  I just thought sales were down, but then a few people emailed saying they were having difficulty, so I will have to see if I have a better day today, unless there is any other way to check it for certain.

Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Link to comment
Share on other sites

That sounds good.

There's a log for the app on the paypal menu in admin. Were you getting errors in it before?

The only way to be sure it's working is to make a test purchase, but you need a separate paypal account from which to do it.

Contact me for work on updating existing stores - whether to Phoenix or the new osC when it's released.

Looking for a payment or shipping module? Maybe I've already done it.

Working on generalising bespoke solutions for Quickbooks integration, Easify integration and pay4later (DEKO) integration at 2.3.x

Link to comment
Share on other sites

I didn't look for errors, I just thought it was a slow week! and then got a couple of emails from people desperate for stuff.  I guess people often just go away when things don't work and either come back later or go elsewhere.  An order has just come through so I guess its working okay now, thank you

Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Link to comment
Share on other sites

It seems it still isn't working for everyone! Its 'returning to the merchant'.  anyone any ideas?

 

Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Link to comment
Share on other sites

No joy on this at all.  Can anyone tell me what settings I should have on my paypal account.  Rang Paypal, no help at all -  they said they couldn't even get onto my website!

Customers are shopping, adding to basket without problem, its only the checkout that is an issue.   I'm wondering if I have any settings wrong.  I have just changed my 'check-out' address to https (it was http), and put data transfer on.  Not sure this is relevant or not.

thank you

 

Website Payment Preferences

 

Auto Return for Website Payments

Auto Return for Website Payments brings your buyers back to your website immediately after payment completion. Auto Return applies to PayPal Website Payments, including Buy Now, Donations, Subscriptions and Shopping Cart. Learn More

Auto Return:Auto Return:
OnOff

Return URL: Enter the URL that will be used to redirect your customers upon payment completion. This URL must meet the guidelines detailed below. Learn More

Return URL Requirements: The following items are required in order to set up Auto Return.

  • In accordance with the User Agreement, you must provide written information on the page displayed by the Return URL that will help the buyer understand that the payment has been made and that the transaction has been completed.
  • You must provide written information on the page displayed by the Return URL that explains that payment transaction details will be emailed to the buyer. 
  • Example: Thank you for your payment. Your transaction has been completed and a receipt for your purchase has been emailed to you. You may log in to your account at www.paypal.com to view details of this transaction.

Payment Data Transfer (optional)

Payment Data Transfer allows you to receive notification of successful payments as they are made. The use of Payment Data Transfer depends on your system configuration and your Return URL. Please note that in order to use Payment Data Transfer, you must turn on Auto Return.

Payment Data Transfer:Payment Data Transfer:
OnOff

Identity Token:CUSC***********************o0

Encrypted Website Payments

Using encryption enhances the security of website payments by decreasing the possibility that a third party could manipulate the data in your button code. If you plan on only using encrypted buttons you can block payments from non-encrypted ones.

Learn more about Encrypted Website Payments

Note: If you enable Encrypted Website Payments, all of your Buy Now, Donation and Subscription buttons must be encrypted via one of the following methods:

  • Using the Button Factory with the security settings enabled.
  • Using your own code, you encrypt all website payments before sending them to PayPal.

By enabling this feature, any Buy Now, Donation or Subscription button that is not encrypted will be rejected by PayPal.

Block Non-encrypted Website Payment:Block Non-encrypted Website Payment:
OnOff

PayPal Account Optional

When this feature is turned on, your customers will go through an optimised checkout experience. This feature is available for Buy Now, Donation and Shopping Cart buttons, but not for Subscription buttons. Learn More

PayPal Account Optional:PayPal Account Optional:
OnOff

Contact Telephone Number

When you activate this option, your customers will be asked to include a contact phone number with their payment information. Learn More.

Note: Selecting On (Required Field) could have a negative effect on buyer conversion.

Contact TelephoneContact Telephone
On (Optional Field)On (Required Field)Off (PayPal recommends this option)

PayPal Express Checkout Settings

With this setting you determine if you technically support the German funding methods giropay and bank transfer in your PayPal Express Checkout implementation. 

Support giropay and bank transfer payments:Support giropay and bank transfer payments:
YesNo

Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Link to comment
Share on other sites

IF NOT USING COMMUNITY EDITION:

  1. Install Paypal App
    https://apps.oscommerce.com/fZMiN&paypal-app
  2. Once installed, it will ask you to update.
    Update

IF YOU ARE ON THE COMMUNITY EDITION

  1. Do NOT Install the Paypal App
  2. Do NOT update.

UPDATE CERTIFICATE

  1. Overwrite old Paypal Cert
    https://github.com/gburton/Responsive-osCommerce/blob/dbb6f769cb8f3c84164feb812bf7a0de225dd58c/ext/modules/payment/paypal/paypal.com.crt
    I don't think anywhere else has this updated Cert.

TEST THE INSTALLATION

  1. Get your Balance.
    If it works...it is good.

ALL VERSIONS

  1. Insert API, Password etc in the GENERAL settings
    Get those from Paypal
  2. Set up whatever Paypal method(s) you are wanting

TEST THE INSTALLATION

  1. Perform a checkout or get a friend to
    Did the payment go into your paypal account?
    Was an Order written ?
Edited by burt
Link to comment
Share on other sites

Thank you for the info: I'll go through all the checks, I'm running:  Installed Version: osCommerce Online Merchant v2.3.4

is this the community edition? Idon't know how I get that information as to whether it is or isn't? 

Running a botched up version of  osCommerce Online Merchant v2.3.4 bootstrap with the dresscode theme installed, numerous add-ons, terrible coding, terrible website, but will have to make do until I have made up for my losses and can risk shutting down for a couple of weeks while I start all over again. - I did not install my program but am endeavouring to fix it with your help.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...