Stripe & TLS v 1.2

This topic contains 11 replies, has 2 voices, and was last updated by  Stiofan O’Connor 7 years, 8 months ago.

We have moved to a support ticketing system and our forums are now closed.

Open Support Ticket

Tagged: ,

  • Author
    Posts
  • #367001

    Paul Ceppaglia
    Expired Member
    Post count: 29

    Hi,

    I’m testing the functionality of the GeoDirectory Stripe Payment Gateway add-on v 1.6.3.

    I’ve got Stripe set to test mode.

    When I run a test transaction, it’s failing.

    Looking at the Stripe log, I see:

    {
    “error”: {
    “type”: “invalid_request_error”,
    “message”: “Stripe no longer supports API requests made with TLS 1.0. Please initiate HTTPS connections with TLS 1.2 or later. You can learn more about this at https://stripe.com/blog/upgrading-tls.”
    }
    }

    However, my server IS configured for TLS 1.2. I have verified this multiple ways.

    I contacted Stripe support regarding this problem. Their response was:

    Thanks for sending this over Paul. It looks like the TLS 1.0 status may be coming from the Plugin you are using. I would recommend reaching out to the plugin provider to make sure they have the proper TLS status in place with that plugin,

    #367017

    Stiofan O’Connor
    Site Admin
    Post count: 22956

    Hi Paul,

    This is usually down to the server setup but if you provide wp-admin i will check things over.

    Thanks,

    Stiofan

    #367019

    Paul Ceppaglia
    Expired Member
    Post count: 29
    This reply has been marked as private.
    #367023

    Stiofan O’Connor
    Site Admin
    Post count: 22956
    This reply has been marked as private.
    #367032

    Paul Ceppaglia
    Expired Member
    Post count: 29

    Hi,

    I contacted the hosting company. They are saying this is NOT a server issue.

    I briefed them on everything that you’ve done. Here’s what they said:

    “It may be that a newer curl version is required on your DV.
    You could try updating the curl page manually, perhaps running yum update curl. Otherwise I’d have you check with your provider what curl version they expect, or support. ”

    I tried running this command…server response was “No packages marked for update”

    Their response:

    “In that case it indicates that the issue lies not with the server, but with the encryption method specified by curl itself when making those connections.
    Information on specifying that here:

    https://curl.haxx.se/libcurl/c/CURLOPT_SSLVERSION.html

    I asked:

    So, where exactly is that defined/specified? On the server (e.g. in a config file) or in the plugin code?

    Their reply:

    “It would be in the PHP code, see the test he specified doesn’t specify what version of TLS to use.”

    “Your server definitively supports TLS 1.2, but if the code isn’t using that for the connection, then it will appear as a TLS 1 connection.
    This stackoverflow article explains nicely:
    http://stackoverflow.com/questions/30145089/tls-1-2-not-working-in-curl

    “That article has a suggestion of upgrading certain packages at the end of the article, perhaps that would help. That being said, we don’t directly assist with package management in support, so I’d suggest working with the plugin / service for information on what versions of openssl, curl, etc they need.”

    #367035

    Paul Ceppaglia
    Expired Member
    Post count: 29

    I just tried updating some other packages per that stackoverflow link…hang on and let me try this again…

    #367037

    Paul Ceppaglia
    Expired Member
    Post count: 29

    That update fixed the problem. 🙂

    #367038

    Paul Ceppaglia
    Expired Member
    Post count: 29
    This reply has been marked as private.
    #367145

    Paul Ceppaglia
    Expired Member
    Post count: 29

    Hi Stiofan,

    When you get a moment, could you please let me know about the code snippet I listed above? I just want to restore my 404 code before I get too busy with my next project and forget.

    Thanks!

    #367201

    Stiofan O’Connor
    Site Admin
    Post count: 22956

    Hi Paul,

    Glad you got it resolved, was it OpenSSL that ended up resolving it?

    Yeah thats the code u can remove it and reactivate that plugin.

    Thanks,

    Stiofan

    #367241

    Paul Ceppaglia
    Expired Member
    Post count: 29

    I updated both NSS and OpenSSL…I’m not sure which one fixed it, but it was one of those two.

    Thanks again for your help! Now that I have that issue resolved I can get back to layout & design, and then site optimization (I’m going to try to get some combination of GD Booster, WP Super Cache and Autoptimize to play well together, as well as implement a new CDN).

    We’re looking to go live at the end of the month.

    #367242

    Stiofan O’Connor
    Site Admin
    Post count: 22956

    Thanks for letting us know!

    FYI, u should use EITHER GD Booster OR WP Super Cache + Autoptimize

    Remember most of the caching done is for logged out users, so its best to test in an incognito window when testing speeds.

    Good luck 🙂

    Stiofan

Viewing 12 posts - 1 through 12 (of 12 total)

We have moved to a support ticketing system and our forums are now closed.

Open Support Ticket
20% Discount Offer
Hurry! Get your 20% discount before it expires. Get 20% Discount