Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

new AuthNet requirement of TLS 1.2 #32

Open
jfabiani opened this issue May 9, 2016 · 5 comments
Open

new AuthNet requirement of TLS 1.2 #32

jfabiani opened this issue May 9, 2016 · 5 comments

Comments

@jfabiani
Copy link

jfabiani commented May 9, 2016

Hi,
I'm have been using your paython for years (thank you very much). But now AuthNet has changed the gateway to 'https://secure2.authorize.net/gateway/transact.dll' and now allows only TLS 1.2 to be used. I have been reading your code the best I can and can't really determine what level of encryption is being used. I think is has something to do httplib but I'm not sure. Would you please let me know if TLS1.2 is supported and how to change the code. Thanks in advance,
Johnf

@igorgue
Copy link
Collaborator

igorgue commented May 9, 2016

I think this is due to the version of SSL you have in your operative system. But I'm not an expert in the subject.

If there's any code change to fix this issue it would be here: https://github.com/abunsen/Paython/blob/master/paython/lib/api.py#L92

Because we set the connection options there.

@jfabiani
Copy link
Author

jfabiani commented May 9, 2016

Thanks for the immediate response. I was looking at the class GetGateway where you are using urllib.urlopen(). But I also see where you are attempting to deal with the SSL in class XMLGateway. I was thinking I could import ssl and urllib2 to get the job done. What are your thoughts? Testing a problem with the way AuthNet works - it's hard to determine if I'm doing it right.

@igorgue
Copy link
Collaborator

igorgue commented May 9, 2016

@jfabiani What error do you get? Maybe we can look into it better if I knew that.

@jfabiani
Copy link
Author

jfabiani commented May 9, 2016

Actually I haven't gotten an error because I have not tried it yet. But I have to confirm that the program will continue to work starting June 1, 2016. So I'm researching at the moment. I will start testing today but I wonder what errors I might get from AuthNet. The response from AuthNet does not seem to include anything that would suggest that the encryption protocol is wrong. Meaning if you look at the response list of available items - I don't see anything that will provide a clue why a transaction will be rejected based on the lack of TLS1.2.

@igorgue
Copy link
Collaborator

igorgue commented May 9, 2016

@jfabiani I believe everything will be okay once you try, I think the only thing you'd have to change is the live url on the gateway's code. I think all the SSL stuff we do is handled by the HTTPSConnection call on httplib.

Post here if you get any errors when you try.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants