05-09-2017 12:37 AM
I manage a few sites that still use Classic ASP.
The method of connection is via a MSXML2 component pointing to https://secure.authorize.net/gateway/transact.dll
Is there a simple change i can make in this code somewhere (see below), to test via the sandbox, and see if the server is TLS 1.2 compliant?
set objHttp = server.Createobject("MSXML2.ServerXMLHTTP")
if err.number <> 0 then
'on error goto 0
objHttp.open "POST", strPost, false
objHttpStatus = objHttp.status
strResponse = objHttp.responseText
set objHttp = nothing
05-09-2017 08:50 AM
Another developer asked a similar question on StackOverflow and there are several suggestions to help: http://stackoverflow.com/questions/34997849/classic-asp-outbound-tls-1-2
05-10-2017 02:57 AM - edited 05-10-2017 03:00 AM
You may not need to modify your code at all, but you may need to apply the update from :
https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1.1-and-tls-1.2-as-a-default-..., there is also an Easy Fix on the same page that will modify your registry entries for you.
05-11-2017 07:58 AM
@RichardH- thanks for the reponse.
You will actually see a comment of mine (kneidels) from back in November :-)
@NexusSoftware- thanks also.
Just to clarify - my setup currently works (for now...)i just want to be able to TEST with the tls1.2 version with the sandbox, while leavinjg the current setup active (meaning, probably not changing registry values etc)
is there a way to do this, in your opinion?
05-11-2017 09:11 AM
What version of Windows and the .Net framework is on your server?
Below is a simple test script that will return what your Schannel.dll is connecting with:
<% Set objHttp = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0") objHttp.open "GET", "https://howsmyssl.com/a/check", False objHttp.Send Response.Write objHttp.responseText Set objHttp = Nothing %>
Save as testssl.asp and hit it with your browser. If it returns the with tls_version":"TLS 1.2, you are good to go.
05-17-2017 09:24 AM
For us, the magic was changing all of the objects of type ("MSXML2.ServerXMLHTTP" or "MSXML2.ServerXMLHTTP.3.0") over to the newer "MSXML2.ServerXMLHTTP.6.0".
It would make intuitive sense that the one without the version number chooses the newest version, but this is NOT the case, as it in fact points to the older 3.0 version.
12-28-2017 12:09 PM
I have a classic ASP site as well and looking for confirmation on if I need to make any changes for TLS 1.2. It's been very hard to get an answer.
Did you find a solution/answer?
01-13-2018 12:17 AM - edited 01-13-2018 12:19 AM
Our Sandbox endpoint https://test.authorize.net/gateway/transact.dll only supports a TLS 1.2 connections.
So, if you can test your classic ASP site with this endpoint, and everything turns out to be working fine, you can be rest assured that your integration work fine with TLS 1.2.
Hope this helps !
02-28-2018 07:41 PM
So I tried that script from howsmyssl.com. I tried it and it said my TSL version was 1.0. I got with my host to disable 1.0 and 1.1 and enable 1.2, per my instructions from Authorize.net. When I try to run the script now, I get an error: "An error occurred in the secure channel support"
This is the same error I get in my own code for trying to talk to Authorize.net. If I change the GET to a POST, I get the same error.
If I check my TLS version through a different site, http://ssl-checker.online-domain-tools.com/, it says that TLS 1.2 is supported, and that 1.0 and 1.1 are not supported. But like I say, I still can't POST to Authorize.net (or anywhere, it would seem). My host won't help me, saying they're not programmers. I get that, but I've tried every different ServerObject to make this POST that I've seen and none work.
02-28-2018 08:33 PM - edited 02-28-2018 08:39 PM
Your webserver probably needs TLS 1.0 to communicate with the database server. Have the host re-enable 1.0 and 1.1. Then have the host set the "DefaultSecureProtocols" registry keys to 0x00000800. This key will need to be added to each of these:
On x64-based computers, DefaultSecureProtocols must also be added to the Wow6432Node path: