New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error when trying to pair website and BTCPay #10

Closed
BobleChinois opened this Issue Aug 22, 2018 · 9 comments

Comments

Projects
None yet
2 participants
@BobleChinois

BobleChinois commented Aug 22, 2018

Steps to reproduce

I downloaded and ran the docker setup for BTCPay server. It is running fine on testnet, I can access it without issue from the url I registered.

I created an account and a store, named "test".

I have a wordpress running on another host, and I would like to pair the two.

I installed the BTC Pay plugin for woocommerce on my wordpress, opened settings, and followed instructions to create an API token.

When pasting the generated key in my wordpress, I got this error:
error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

SSL encryption is ok on my BTC Pay server. The wordpress server is unencrypted.

Config

Woocommerce version : 3.4.4
BTCPay plugin version : 2.2.24
Wordpress version : 4.9.8
BTC Pay server version : 1.0.2.57

@NicolasDorier

This comment has been minimized.

NicolasDorier commented Aug 22, 2018

Though given your error, it is probablbe that the error come from an outdated SSL version which is insecure. How have you setup your HTTPS?

@NicolasDorier

This comment has been minimized.

NicolasDorier commented Aug 22, 2018

You can test your ssl setup on https://www.ssllabs.com/ssltest. Docker with nginx from BTCPay are rated A+ (https://www.ssllabs.com/ssltest/analyze.html?d=main2-btc-ltc.forkbitpay.ninja)

@BobleChinois

This comment has been minimized.

BobleChinois commented Aug 22, 2018

My BTC Pay server indeed got a A+, so it doesn't seem to be an issue.

But I looked the linked and I don't have SSL connection enabled on my wordpress host, so if I understand well this is the issue right ?

So I need to buy an SSL certificate for my wordpress host, is that the deal ?

@BobleChinois

This comment has been minimized.

BobleChinois commented Aug 22, 2018

I figured out that my host provider (OVH) already provides me with a SSL certificate, but I never activated it on my wordpress site, so I did it using "really simple ssl" plugin for wordpress.

Everything looks ok, my browser doesn't alert me and the test gives it a A.

But I still get the same error when I try to pair the two.

The SSL test returned this, maybe there's an issue ?
capture du 2018-08-22 21-17-10

@NicolasDorier

This comment has been minimized.

NicolasDorier commented Aug 23, 2018

I think it is the issue given the error message, my server does not have 1.0.

@BobleChinois

This comment has been minimized.

BobleChinois commented Aug 23, 2018

But since I also have TLS 1.2 on wordpress side, shouldn't client and server do some kind of handshake to determine that they both know 1.2 ?
I'm not sure how to solve this, I 'd like to ask OVH but I'm still waiting an answer for the last question I asked them...

@BobleChinois

This comment has been minimized.

BobleChinois commented Aug 23, 2018

I made my host upgrade TLS version, I can pair my WP and my BTC Pay now. Problem solved !

@NicolasDorier

This comment has been minimized.

NicolasDorier commented Aug 24, 2018

I think just allowing TLS 1.0 create a vulnerability in the Handshake, which is why it might be blocked.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment