cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

GetAcceptPaymentPage API is not working even after change of Jdk 1.7 and TLSv1.2

Hi Team,

This is really looks like a blocker for development.

After TLS disablement my GetHostedPaymentPage* API stoped working.

It is returning null response.

 

Note:Here I am using Jdk1.7 and set TLSv1.2 in JVM arguments.

 

The code is as same as given by AN in developer guide.

 

This is the exception I am getting :

00A0: 00 16 00 0B 00 02 01 00                            ........
pool-1-thread-1, received EOFException: error
pool-1-thread-1, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
pool-1-thread-1, SEND TLSv1 ALERT:  fatal, description = handshake_failure
pool-1-thread-1, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 28                               ......(
pool-1-thread-1, called closeSocket()
pool-1-thread-1, IOException in getSession():  javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
pool-1-thread-1, called close()
pool-1-thread-1, called closeInternal(true)
pool-1-thread-1, called close()

 

raviparmarce88
Regular Contributor
1 ACCEPTED SOLUTION

Accepted Solutions

Hi @Aaron

 

Finally I have concluded on workaround for this issue.

I have added below code snippet in GetAnAcceptPaymentPage API calling.

 

final SSLContext sc = SSLContext.getInstance("TLSv1.2");
			sc.init(null,null, new java.security.SecureRandom());
			final SSLSocketFactory socketFactory = sc.getSocketFactory();
			HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);

and it is working fine with jdk1.7 and TLSv1.2.(Lot more to resolve like this way!!!! :)....)

 

And if this is concrete solutions to get the Token from AN server.

 

I really appreciate  your help and quick response.

 

View solution in original post

6 REPLIES 6

Hi @raviparmarce88,

 

Can you verify that your setup also supports the ciphers in use on our server? You can see the ciphers used in sandbox here:

 

https://www.ssllabs.com/ssltest/analyze.html?d=apitest.authorize.net

 

Could you also maybe code up a little test to determine if you can even reach the server using TLS 1.2? If you could just cause your code to do an HTTP get request to https://apitest.authorize.net, you should get back an HTTP 403 status and some HTML showing a "Forbidden" page. If you get that but API access isn't working, we can troubleshoot some more. If you can't even connect to the server at all, that's a different level of troubleshooting on your end.

Aaron
All Star

Thanks @Aaron

 

Yes, I have tried to connect the server with HTTP get request to https://apitest.authorize.net and getting response code 403 which means  https://apitest.authorize.net is accessible to me. And it seems working as expected and taking correct TLSv1.2.

URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// optional default is GET
con.setRequestMethod("GET");

SSLContext sc = SSLContext.getInstance("TLSv1.2"); sc.init(null, null, new java.security.SecureRandom()); con.setSSLSocketFactory(sc.getSocketFactory());
int responseCode = con.getResponseCode();

 

But with the below API access is getting the exception as mentioned in earlier post.

GetHostedPaymentPageController controller = new GetHostedPaymentPageController(apiRequest);
controller.execute();
       
        GetHostedPaymentPageResponse response = new GetHostedPaymentPageResponse();
		response = controller.getApiResponse();

Could you please guide me how to debug into this API access

 

Is there any way by which i can verify supported ciphers from my setup which is same as in AN server.?

 

raviparmarce88
Regular Contributor

Hi @Aaron

 

Finally I have concluded on workaround for this issue.

I have added below code snippet in GetAnAcceptPaymentPage API calling.

 

final SSLContext sc = SSLContext.getInstance("TLSv1.2");
			sc.init(null,null, new java.security.SecureRandom());
			final SSLSocketFactory socketFactory = sc.getSocketFactory();
			HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);

and it is working fine with jdk1.7 and TLSv1.2.(Lot more to resolve like this way!!!! :)....)

 

And if this is concrete solutions to get the Token from AN server.

 

I really appreciate  your help and quick response.

 

 

We are having a very similar issue to Ravi, but we are using the precompiled libraries (compile 'net.authorize:anet-java-sdk:1.8.3'):

 

 

'Connection reset': 'null', '[java.net.SocketInputStream.read(SocketInputStream.java:196),
java.net.SocketInputStream.read(SocketInputStream.java:122),
sun.security.ssl.InputRecord.readFully(InputRecord.java:442),
sun.security.ssl.InputRecord.read(InputRecord.java:480),
sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:946),
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344), 
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371), 
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355),
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:543),
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:409),
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177),
org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304),
org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611),
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446),
org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882), 
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82),
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107), 
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55),
net.authorize.util.HttpClient.executeXML(HttpClient.java:222), 
net.authorize.Merchant.postTransaction(Merchant.java:295), 
net.authorize.Merchant$postTransaction$1.call(Unknown Source),

 

 

We tried the seting the default factory both in a static block and directly before the call  to create merchant and in a static block:

final SSLContext sc = SSLContext.getInstance("TLSv1.2");
			sc.init(null,null, new java.security.SecureRandom());
			final SSLSocketFactory socketFactory = sc.getSocketFactory();
			HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory);
 Merchant.createMerchant(anetEnvironment, apiLoginId, transactionKey);

 

 

Our JVM is OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)

 

Any help would be greatly appreciated.

Hi @hexaplus,

 

You reference a 1.8.3 version in your post. Any improvement if you try with the latest version (1.9.3)?