I am using Classic ASP on a Windows Server 2008 R2 Standard 64-bit with SQL Server 2012
I use the following code to post a transaction to Authorize.net (which quit working after 14 years on Feb 28!)
set oHttp = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")
oHttp.Open "POST", "https://secure2.authorize.net/gateway/transact.dll?" & sPostData, false
oHttp.Send ""
sPaymentStatus=oHttp.Status
sPaymentRetval = oHttp.ResponseText
It is now working finally.
I don’t know if “secure2” (in https://secure2.authorize.net/gateway/transact.dll... it used to just be secure) makes a difference. It was something an authorize.net rep suggested early in the process but it didn’t solve anything at the time. I haven’t tried without it.
I also installed .NET 4.6.1 but I don’t know if that was part of the solution.
The following pages on my site show my current security settings after all the changes:
https://www.ssllabs.com/ssltest/analyze.html?d=www.real-estate-agent-lists.com
http://www.real-estate-agent-lists.com/testssl.asp
As best as I can recall with assistance from my host technical support these were the steps:
- Disable all security settings except TLS 1.2 in the Registry as described earlier in this thread.
There is a key for each protocol located here
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\
The process is described at https://tecadmin.net/enable-tls-on-windows-server-and-iis/
2. This broke SQL Server connection for me because apparently SQL Server 2012 requires TLS 1.0 or SSL 3.0. This was going to be a big problem but I found a solution here:
https://blogs.sentryone.com/aaronbertrand/tls-1-2-support-read-first/
which has patches that gives SQL Server 2012 TLS 1.2 support.
This however required a change to my connection string in Classic ASP because SQLOLEDB has been deprecated and doesn’t support TLS 1.2!
To fix this problem required installation of SQL Net Client on the server (ODBC may work also) and the following code change to the connection string. The key changes are “provider” is now SQLNCCLI11 and the end of the connection string is “Trusted_Connection=No;DataTypeCompatibility=80” No idea what that does but I saw it somewhere and it works!
sqlConn=”PROVIDER=SQLNCLI11;SERVER=server;DATABASE=dbname;UID=username;pwd=password;Trusted_Connection=No;DataTypeCompatibility=80"
3. The TLS 1.2 registry change also broke my RDP connection from my Windows 7 (64-bit) computer at home.
I had to install
https://support.microsoft.com/en-us/help/3080079/update-to-add-rds-support-for-tls-1-1-and-tls-1-2-i...
which gave TLS 1.2 support to my RDP client I think. It now works.
4. Finally after all that, my authorize.net MSXML2.ServerXMLHTTP.6.0 post still didn’t work. The final change which was recommended earlier in this thread did the trick… Add a DWORD “DefaultSecureProtocols” value of 800 to the following Registry entries. Actually I think you only have to do the first one for 32-bit and the second for 64-bit but I did both.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings