Reply
Highlighted
Member
Posts: 5
Registered: ‎05-25-2011

AIM Transactions with Java SDK, SSL/TLS issue

Hello all,

     I'm writing an application that is using the Authorize.NET Java SDK and Advanced Integration Method to post payments.  Currently, when I attempt to post a payment to Authorize.NET using AIM I receive an SSLPeerUnverifiedException.  To attempt to fix the issue I've gone to entrust.net and made sure that all of their signing certificates are trusted by my JVM, but I still receive the same SSLPeerUnverifiedException.

 

To gain further insight into the problem I downloaded the source for the anet-java-sdk-1.4.3 and ran the tests included there.  None of the AIM tests work in the SDK test suite, but the ARB tests execute like a champ (as well as some other tests).  An interesting tidbit is that it looks like the ARB tests in the SDK are posting to https://apitest.authorize.net rather than https://test.authorize.net. 

 

After gleaning that information from the SDK tests I turned on the -Djava.net.debug=all option and I find that when my machine is attempting to connect to https://test.authorize.net  I am not being sent any SSL Certificate information during the SSL/TLS handshake.  At the point where I should be receiving the SSL cert, I receive an "unexpected message" and the connection closes and throws the SSLPeerUnverifiedException.

 

Here is some output from the javax.net.debug logging when my machine attempts to connect to https://test.authorize.net:

-----------------------

trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
main, setSoTimeout(0) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1289486633 bytes = { 190, 205, 75, 22, 69, 252, 32, 181, 36, 207, 181, 222, 126, 163, 194, 28, 40, 183, 132, 23, 131, 33, 142, 51, 143, 162, 4, 12 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
***
[write] MD5 and SHA1 hashes:  len = 75
0000: 01 00 00 47 03 01 4D DC   01 29 BE CD 4B 16 45 FC  ...G..M..)..K.E.
0010: 20 B5 24 CF B5 DE 7E A3   C2 1C 28 B7 84 17 83 21   .$.......(....!
0020: 8E 33 8F A2 04 0C 00 00   20 00 04 00 05 00 2F 00  .3...... ...../.
0030: 33 00 32 00 0A 00 16 00   13 00 09 00 15 00 12 00  3.2.............
0040: 03 00 08 00 14 00 11 00   FF 01 00                 ...........
main, WRITE: TLSv1 Handshake, length = 75
[write] MD5 and SHA1 hashes:  len = 101
0000: 01 03 01 00 3C 00 00 00   20 00 00 04 01 00 80 00  ....<... .......
0010: 00 05 00 00 2F 00 00 33   00 00 32 00 00 0A 07 00  ..../..3..2.....
0020: C0 00 00 16 00 00 13 00   00 09 06 00 40 00 00 15  ............@...
0030: 00 00 12 00 00 03 02 00   80 00 00 08 00 00 14 00  ................
0040: 00 11 00 00 FF 4D DC 01   29 BE CD 4B 16 45 FC 20  .....M..)..K.E.
0050: B5 24 CF B5 DE 7E A3 C2   1C 28 B7 84 17 83 21 8E  .$.......(....!.
0060: 33 8F A2 04 0C                                     3....
main, WRITE: SSLv2 client hello message, length = 101
[Raw write]: length = 103
0000: 80 65 01 03 01 00 3C 00   00 00 20 00 00 04 01 00  .e....<... .....
0010: 80 00 00 05 00 00 2F 00   00 33 00 00 32 00 00 0A  ....../..3..2...
0020: 07 00 C0 00 00 16 00 00   13 00 00 09 06 00 40 00  ..............@.
0030: 00 15 00 00 12 00 00 03   02 00 80 00 00 08 00 00  ................
0040: 14 00 00 11 00 00 FF 4D   DC 01 29 BE CD 4B 16 45  .......M..)..K.E
0050: FC 20 B5 24 CF B5 DE 7E   A3 C2 1C 28 B7 84 17 83  . .$.......(....
0060: 21 8E 33 8F A2 04 0C                               !.3....
main, handling exception: java.net.SocketException: Connection reset
main, SEND TLSv1 ALERT:  fatal, description = unexpected_message
main, WRITE: TLSv1 Alert, length = 2
main, Exception sending alert: java.net.SocketException: Connection reset by peer: socket write error
main, called closeSocket()
main, IOException in getSession():  java.net.SocketException: Connection reset
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
05/24/11 14:04:09,960: ERROR [main] (net.authorize.util.HttpClient:150) - HttpClient execution failed
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:339)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:123)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:147)
    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)
    at net.authorize.util.HttpClient.execute(HttpClient.java:127)
    at net.authorize.Merchant.postTransaction(Merchant.java:286)
    at edu.letu.ecommerce.nottingham.payment.service.TestAuthorizeDotNetPaymentGatewayTest.testSimpleTransaction(TestAuthorizeDotNetPaymentGatewayTest.java:153)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
    at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
    at org.junit.runners.BlockJUnit4ClassRunner.runNotIgnored(BlockJUnit4ClassRunner.java:79)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:71)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49)
    at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
    at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
    at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
    at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
    at org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:35)
    at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:115)
    at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:97)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.maven.surefire.booter.ProviderFactory$ClassLoaderProxy.invoke(ProviderFactory.java:103)
    at $Proxy0.invoke(Unknown Source)
    at org.apache.maven.surefire.booter.SurefireStarter.invokeProvider(SurefireStarter.java:150)
    at org.apache.maven.surefire.booter.SurefireStarter.runSuitesInProcess(SurefireStarter.java:91)
    at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:69)

 

 

 

From what I'm seeing, it seems that https://test.authorize.net isn't responding properly to the requests I'm sending.  Is this an authorize.net issue or something wrong on my end?  Any thoughts or help is much appreciated! 

 

Thanks,

Elameno

 

Highlighted
Member
Posts: 5
Registered: ‎05-25-2011

Re: AIM Transactions with Java SDK, SSL/TLS issue

Another bit of info is that, when I direct my browser to https://test.authorize.net I get "Connection was reset" and no SSL cert is provided.  When I navigate to https://apitest.authroize.net I do get an SSL cert and an HTTP response.

 

Any thoughts?

Highlighted
Administrator
Posts: 591
Registered: ‎08-21-2009

Re: AIM Transactions with Java SDK, SSL/TLS issue

I am not able to reproduce any kind of error connecting to https://test.authorize.net either programmatically or using a web browser.  In all cases, I am receiving a valid certificate.  In fact, the same certificate for *.authorize.net is used for both https://test.authorize.net and https://apitest.authorize.net.  The only recommendation I can make is to trace your connection ane make sure that you are not being redirected by a proxy of some sort.  I have not seen any other reports of errors establishing this connection.

Highlighted
Member
Posts: 1
Registered: ‎09-19-2011

Re: AIM Transactions with Java SDK, SSL/TLS issue

I am getting the following error while processing the payment-

 

 javax.net.ssl.SSLPeerUnverifiedException: No peer certificate01-01 07:39:05.476: WARN/System.err(12324):     t org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:258)

org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93)

org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)0org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)01-org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)

org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)

org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:436)

org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)0

org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)0

at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)

com.ddsionline.ddsipharm.MakePayment.postData(MakePayment.java:360)

com.ddsionline.ddsipharm.MakePayment$14$1.run(MakePayment.java:233)

t java.lang.Thread.run(Thread.java:1019)

Highlighted
Member
Posts: 5
Registered: ‎05-25-2011

Re: AIM Transactions with Java SDK, SSL/TLS issue

I forgot to follow up here, but the problem we were running into happened to be that WebSense was blocking test.authorize.net    We altered our configuration and it began working like a champ.