as of yesterday, orders are all going to missing orders status. Authorize.net says they are getting the payment and sending a response so everything is working on their end.
We get an error: Empty Gateway Response when making a payment on the checkout page.
What could be the problem? our website is kungfudirect.com
Thanks
Opencart 1.5.6.5/OC Bootstrap Pro/VQMOD lover, user and geek.
Affordable Service £££ - Opencart Installs, Fixing, Development and Upgrades
Plus Ecommerce, Marketing, Mailing List Management and More
FREE Guidance and Advice at https://www.ecommerce-help.co.uk
viewtopic.php?t=217212 might be of some help.
Authorize.net says they are sending a response, but do they say that response contains any data? It mat be the case you need to add more debugging code to the module to find out.
The only error log in relation to it is: AUTHNET AIM CURL ERROR: Empty Gateway Response
Version is 2.0.2.0
PHP is 5.6.40.
They just said that everything is working on their end
Code: Select all
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
Code: Select all
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($curl, CURLOPT_SSLVERSION, 3); // Force SSLv3 to fix Unknown SSL
Opencart 1.5.6.5/OC Bootstrap Pro/VQMOD lover, user and geek.
Affordable Service £££ - Opencart Installs, Fixing, Development and Upgrades
Plus Ecommerce, Marketing, Mailing List Management and More
FREE Guidance and Advice at https://www.ecommerce-help.co.uk
Setting CURLOPT_SSLVERSION to 3 is a bad idea. Not payment gateway should be using SSL 3 as it's a PCI requirmet that TLS 1.2 or greater is used.
You should also read what the PHP manual says.
https://www.php.net/manual/en/function.curl-setopt.php
Note:
Your best bet is to not set this and let it use the default. Setting it to 2 or 3 is very dangerous given the known vulnerabilities in SSLv2 and SSLv3.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
You could add a check to see if it's an error or empty response. Change catalog/controller/payment/authorizenet_aim.php#L133.teamupair wrote: ↑Sat Sep 05, 2020 11:26 amWe haven't changed anything, that I know of. I been away from work for about 3 weeks so I don't know exactly but I doubt anything has been changed.
The only error log in relation to it is: AUTHNET AIM CURL ERROR: Empty Gateway Response
Version is 2.0.2.0
PHP is 5.6.40.
They just said that everything is working on their end
Code: Select all
} elseif ($response) {
Code: Select all
} elseif ($response === false) {
$json['error'] = 'Unknown Gateway Response';
$this->log->write('AUTHNET AIM CURL ERROR: Unknown');
} elseif ($response)
After.
Code: Select all
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
Code: Select all
curl_setopt($curl, CURLOPT_FAILONERROR, 1);
Don't you mean SSL 2 can't be used?straightlight wrote: ↑Sun Sep 06, 2020 8:38 pmWhile it has its truth regarding the use of SSL v3 based on the above, SSL v2 can also be used as opposed to TLS 1.2 or above due to authentication process specifics.
ADD Creative wrote: ↑Mon Sep 07, 2020 12:22 amYou could add a check to see if it's an error or empty response. Change catalog/controller/payment/authorizenet_aim.php#L133.teamupair wrote: ↑Sat Sep 05, 2020 11:26 amWe haven't changed anything, that I know of. I been away from work for about 3 weeks so I don't know exactly but I doubt anything has been changed.
The only error log in relation to it is: AUTHNET AIM CURL ERROR: Empty Gateway Response
Version is 2.0.2.0
PHP is 5.6.40.
They just said that everything is working on their endTo.Code: Select all
} elseif ($response) {
You could also add a check for the status returned.Code: Select all
} elseif ($response === false) { $json['error'] = 'Unknown Gateway Response'; $this->log->write('AUTHNET AIM CURL ERROR: Unknown'); } elseif ($response)
After.AddCode: Select all
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
Code: Select all
curl_setopt($curl, CURLOPT_FAILONERROR, 1);
Don't you mean SSL 2 can't be used?straightlight wrote: ↑Sun Sep 06, 2020 8:38 pmWhile it has its truth regarding the use of SSL v3 based on the above, SSL v2 can also be used as opposed to TLS 1.2 or above due to authentication process specifics.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
No payment gateway should be using SSL 2 as it's a PCI requirement that TLS 1.2 or greater is used. SSL 2 was deprecated in 2011!
https://en.wikipedia.org/wiki/Transport ... 0,_and_3.0
Nowhere to be said about switching . What's been said is that SSL V2 can also be used at times so depending on the payment providers.Are you really suggesting switching to SSL 2 as a solution to the issue the original poster is having?
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Not up to the merchants to decide. Authentication process may vary between developed applications. This is beyond our level.ADD Creative wrote: ↑Tue Sep 08, 2020 12:31 amNo payment providers should accept any SSL 2 or 3 connections any more.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Users browsing this forum: Amazon [Bot], dparakhiya and 398 guests