-
Notifications
You must be signed in to change notification settings - Fork 397
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Empty API responses: bundled cert.pem is invalid for new sandbox SSL certificate #301
Comments
We apologize for the serious inconvenience faced by all the Sandbox developers.
Thanks again for your useful suggestions @schmich |
The issue has been fixed in latest release of the PHP SDK (version 1.9.6) . Join the Authorize.Net developer forum to keep abreast with latest features and contribute ideas. |
Thanks, Ashutosh, for the quick turnaround, and on the weekend, no less. I appreciate the support and the response! |
@phpstudyone , for this change, you can replace your lb/ssl/cert.pem with the latest cert.pem manually. But for TLS 1.2, you will need to upgrade your PHP version to at least 5.6. The minimum software requirements are as follows, you might need to upgrade all of them:
You can go through the forum thread and the news for reference. Feel free to open a new issue, if you need any more TLS 1.2 related assistance or clarification. |
@ashtru This is my test result : Also, when I do not replace the 'lib/ssl/cert.pem' file with a new cert.pem file, if my cert and domain name match, sanbox can be used normally. Otherwise, the error replace to this cert.pem file can fix this problem. |
@phpstudyone |
@ashtru sure. this is |
All sandbox Authorize.net API requests (at least those using
AuthorizeNetCIM
) are failing and returning empty responses:I tracked this down to a cURL error in
AuthorizeNetRequest.php
: "Peer's Certificate issuer is not recognized." with the endpoint beinghttps://apitest.authorize.net/xml/v1/request.api
.It appears the SSL cert for
apitest.authorize.net
was updated recently:The issuing CA, GeoTrust RSA CA 2018, is not included in this library's
cert.pem
, which is used to configure cURL. Because of this, host verification fails, so requests are failing.I saw this issue was also brought up on the developer support forum. It appears the temporary workaround is to copy cURL's cert.pem over the library's version.
Unfortunately, I haven't seen an official response from any Authorize.net folks.
If possible, I would like to see the following:
AuthorizeNetRequest.php
to fail with more information than just["xml"]=> NULL ["response"]=> bool(false)
. I realize you have logging there, but including and propagating cURL error information to the API consumer can only help users that hit issues.I'm sincerely not trying to be a jerk, but I do expect much more from an organization like Authorize.net. I (and likely others) burned far too much time today debugging and diagnosing something that should have never been an issue.
The text was updated successfully, but these errors were encountered: