Jump to content

Authorize.net Module Stopped Working after TLS 1.2 Update


Recommended Posts

Hi,

I am at an impasse, and desperate for guidance. I have been running PS 1.5.6.2 for years without issue on my site at http://organicsmanufacturer.com. Last week on 3/1/18, my authorize.net AIM module (vs 1.5.7) stopped working and started throwing a malformed response error. I did not change anything on my site, so i assume it has to be something to do with the recent update. I have looked everywhere trying to find a solution, and nothing works. It seems no one else is having problems, for the only relevant posts are from years ago. Surely if there was an issue with recent changes, I would not be the only person who was affected? My script was working perfectly. If nothing on my end changes, and suddenly my script goes from working to not, what could have happened? My hosting company says there are no issues and the TLS update was fine, and that my script is broken. Authorize.net says it is prestashop too, but if that was the case, why would no one else be having a problem?

The only error i have found is when the curl call to auth.net is made by validation.php, I get error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

Given I am raw at php issues, I am yet to figure out what has changed and how to identify the issue. I have turned on error reporting, and checked my logs. The page at https://organicsmanufacturer.com/quick-order has no errors that could break my ssl, and as I said it stopped working on 3/1 in the middle of the night (the file is the same one that was working a few hours earlier.). Can anyone please guide me as to how to find the root of the problem? I just don't know where to look for a solution and feel like I am in the twilight zone?

Thanks so much,
Rafael

(Server information: Linux #1
Server software version: Apache
PHP version: 5.2.17)

Edited by 4organics (see edit history)
Link to comment
Share on other sites

Apparently the "update" you are referring to was to your hosting provider, who likely disabled support for SSLv3, TLS v1 and 1.1.  You need to confirm exactly what they did

I also have to assume with such an old version of Prestashop, PHP and Auth.net module, that SSLv3 is required (which you likely have disabled on your server now)

You really need to start looking into upgrading many things, because you are using very old software which are no longer receiving security updates.  You are just asking for your store to be hacked.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...