Reply
Member
Posts: 7
Registered: ‎06-04-2014

Re: SSL Timeout Connecting to Sandbox

Yes the old code (CURLOPT_SSL_VERIFYPEER, FALSE) now works (as does the new CURLOPT_SSLVERSION, 3 option). 

Posts: 321
Topics: 5
Kudos: 37
Blog Posts: 5
Ideas: 0
Solutions: 26
Registered: ‎11-09-2011

Re: SSL Timeout Connecting to Sandbox

As I mentioned, the issue was with moving SSL termination in our network. We're working on a fix. We will have more details once we're at liberty to discuss it further. I apologize I can't say much more at this time.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.
Member
Posts: 7
Registered: ‎06-03-2014

Re: SSL Timeout Connecting to Sandbox

Where can we expect to see the notice about what to expect, when it's ready to be publicized?

Posts: 321
Topics: 5
Kudos: 37
Blog Posts: 5
Ideas: 0
Solutions: 26
Registered: ‎11-09-2011

Re: SSL Timeout Connecting to Sandbox

Due to data security requirements I can only divulge so much.

The thing to bear in mind is that what we saw in Sandbox was unexpected behavior, but it also wasn't final.

 

We're working on a testing platform for what we expect to be the final configuration, and we will be asking a few of you who can troubleshoot SSL connection issues to test on that to confirm SSL termination works there. It's likely to be bear-bones, and may not even have API services, since the only thing we need to confirm is working SSL termination.

 

We are working diligently to make as little impact as possible. There should not be much if any need to make code changes, and the fact that some of you did need to make changes in Sandbox this first round has made us re-evaluate the approach and try something new. Hence the testing platform we're working on.

We'll be posting in the Community Forums when the testing platform is ready.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.
Member
Posts: 9
Registered: ‎06-03-2014

Re: SSL Timeout Connecting to Sandbox

I'm curious if authorize.net is affected by the new POODLE exploit in SSLv3 I'm replying here since there were changes in ciphers and a suggested work around for some was to force SSLv3.