0

Folks,

We have a web site that uses PayPal Express Checkout for Digital Goods to make software sales. It has been working fine for 5 months. Last week we started getting an error "The request was aborted: Could not create SSL/TLS secure channel.” off the live site. When I run the site off my development server it runs fine and we can process a transaction. All these are against the live paypal site. In looking at many questions on this forum and others the main problem appears to be using the wrong endpoints. I am using the .NET SDK and the nvp methods. I checked the endpoints and they are the current ones provided by paypal for nvp transactions. Even looked in the dll to make sure we did't have an older version. We are good there.

Then I thought it might be that the hosting server could'd establish a secure link to paypal so created a test page with a url with query string to the endpoint like(https://api-3t.paypal.com/nvp?USER=XXXX_api1.XXX.com&PWD=XXX&SIGNATURE=XXXXXX&VERSION=60.0&PAYMENTACTION=Authorization&AMT=1.95&RETURNURL=https://www.paypal.com&CANCELURL=https://www.paypal.com&METHOD=SetExpressCheckout).

This worked and returned the expected transaction token. So we can connect from the hosting server. Then thinking our credentials or credential retrieval code might be the problem I pulled the credentials out of our database and ran the test as follows.

Test Query string with server data code======================================

This worked so credentials and endpoint are good on the hosting server.

   ( Dim sCEnvironment As String =   System.Configuration.ConfigurationManager.AppSettings("Environment")
    Dim dtsettings As DataTable
    dtsettings = Dac.ExecuteDataTable("GetCredentials", Dac.Parameter("@Environment", sCEnvironment))

    '// Set up your API credentials, PayPal end point, API operation and version.
    Dim sAPIUsername As String = dtsettings.Rows(0).Item("UserName").ToString
    Dim sAPISignature As String = dtsettings.Rows(0).Item("Signature").ToString
    Dim sAPIPassword As String = dtsettings.Rows(0).Item("Password").ToString
    Dim sEnvironment As String = dtsettings.Rows(0).Item("Environment").ToString

    Dim QS As String = "https://api-3t.paypal.com/nvp?USER=" & sAPIUsername & "&PWD=" & sAPIPassword & "&SIGNATURE=" & sAPISignature & "&VERSION=60.0&PAYMENTACTION=Authorization&AMT=1.95&RETURNURL=https://www.paypal.com&CANCELURL=https://www.paypal.com&METHOD=SetExpressCheckout"
    Response.Redirect(QS)

I then moved on to testing the token generation using the sdk dll (paypal_base.dll). See code below. As each line is generated I added to it a string that writes out to the test page so I can get an idea what is going on our hosting server. We use the express checkout for Digital Goods process. I got the basic code from https://cms.paypal.com/cms_content/FR/fr_FR/files/developer/nvp_DoAuthorization_cs.txt and added the Digital Goods query parameters per the online documentation. This works on my development server and returns the Token. It worked on the hosting site for about four months until sometime between January 27 and January 30 when I got the first notification that a customer could not purchase a product.

When run on our hosting server we get the β€œThe request was aborted: Could not create SSL/TLS secure channel.” error message on the line of code highlighted below. The query string is generated by the encoder and held in the variable pStrrequestforNvp so the encoder works.

I am at a loss. What could be different on the hosting server than on our development server? Is there a method in the dll I could use to write out the actual call to the paypal server? I put the same dll file we used in development on the hosting site, but something is different.

Test the sdk generated query ===========================

Dim caller As NVPCallerServices = New NVPCallerServices
    Dim profile As IAPIProfile = ProfileFactory.createSignatureAPIProfile
    Dim sCEnvironment As String = System.Configuration.ConfigurationManager.AppSettings("Environment")
    Dim dtsettings As DataTable
    Dim sMsg As String
    dtsettings = Dac.ExecuteDataTable("GetCredentials", Dac.Parameter("@Environment", sCEnvironment))

    profile.APIUsername = dtsettings.Rows(0).Item("UserName").ToString
    sMsg = "APIUserName = " & dtsettings.Rows(0).Item("UserName").ToString & "<br/>"

    profile.APISignature = dtsettings.Rows(0).Item("Signature").ToString
    sMsg = sMsg & "APISignature = " & dtsettings.Rows(0).Item("Signature").ToString & "<br/>"

    profile.APIPassword = dtsettings.Rows(0).Item("Password").ToString
    sMsg = sMsg & "APIPassword = " & dtsettings.Rows(0).Item("Password").ToString & "<br/>"

    profile.Environment = dtsettings.Rows(0).Item("Environment").ToString
    sMsg = sMsg & "Environment = " & dtsettings.Rows(0).Item("Environment").ToString & "<br/>"

    caller.APIProfile = profile
    Dim encoder As NVPCodec = New NVPCodec
    encoder("VERSION") = "65.1"
    encoder("METHOD") = "SetExpressCheckout"
    encoder("RETURNURL") = "http://www.multiware.biz/return.aspx"
    encoder("CANCELURL") = "http://www.multiware.biz/cancel.aspx"

    encoder("PAYMENTREQUEST_0_CURRENCYCODE") = "USD"
    encoder("PAYMENTREQUEST_0_PAYMENTACTION") = "Sale"
    encoder("PAYMENTREQUEST_0_AMT") = "1.95"
    encoder("PAYMENTREQUEST_0_ITEMAMT") = "1.95"
    encoder("PAYMENTREQUEST_0_DESC") = "Software"
    encoder("L_PAYMENTREQUEST_0_ITEMCATEGORY0") = "Digital"
    encoder("L_PAYMENTREQUEST_0_NAME0") = "Test"
    encoder("L_PAYMENTREQUEST_0_NUMBER0") = "123"
    encoder("L_PAYMENTREQUEST_0_QTY0") = "1"
    encoder("L_PAYMENTREQUEST_0_AMT0") = "1.95"
    encoder("L_PAYMENTREQUEST_0_DESC0") = "Download"
    encoder("REQCONFIRMSHIPPING") = "0"
    encoder("NOSHIPPING") = "1"
    encoder("SOLUTIONTYPE") = "Sole"
    Try

        Dim pStrrequestforNvp As String = encoder.Encode
        sMsg = sMsg & "pStrrequestforNvp = " & pStrrequestforNvp & "<br/>"

        Dim pStresponsenvp As String = caller.Call(pStrrequestforNvp)     ***Error occurs here***
        sMsg = sMsg & "pStresponsenvp = " & pStresponsenvp & "<br/>"

        Dim decoder As NVPCodec = New NVPCodec
        decoder.Decode(pStresponsenvp)
        Dim Token As String = decoder("TOKEN")
        sMsg = sMsg & "Token = " & Token & "<br/>"
        Me.lblResponse.Text = sMsg.ToString
    Catch ex As Exception
        sMsg = sMsg & "<br/>" & ex.Message.ToString & "<br/>" _
            & ex.StackTrace.ToString
        Me.lblResponse.Text = sMsg.ToString
    End Try
DougM
  • 109
  • 3
  • 16
  • One additional piece of information. The error is generated as soon as we try to connect to paypal. It would seem that something is blocking the connection from IIS as I can just type in the paypal endpoing with query string and get a response and can also do this by doing a response.redirect to the endpoint on the hosting server. Is there a setting in IIS that would block the https connection from code? – DougM Feb 06 '13 at 23:53

1 Answers1

0

I'll answer my own question. After many back and forths with the web hosting service and PayPal we narrowed the problem to the Server not authorizing the Security Certificate. Had to put a trace on our page to find this and prove it was on their side. As I suspected it was an MS update that screwed things up. One day the site was working the next it wasn't.

For further reading on the subject see the dialog at http://forum.arvixe.com/smf/other-programs-promotions-graphics/need-urgent-help!-(paypal-checkout-not-working-any-more)/msg39498/#msg39498

To their credit the Arvixe folks tracked down the problem and eventually resolved it after we went back and forth a few times on whose problem it was.

DougM
  • 109
  • 3
  • 16