You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by JohnBrown <mi...@softasap.net> on 2008/02/21 15:09:38 UTC
Re: POS and Authorize.net error
Hi Vince,
Had you any luck to get it working with signed CA there after? Please, let
me know how it has ended up. Thanks.
Vince Clark wrote:
>
> Here is what I have found. The trusted certificate error comes from
> HttpClient.java/HttpClientException.java.
>
> In HttpClient.java I changed trustAny from trustAny=false to
> trustAny=true.
>
> This gets us by for testing with Authorize.net test servers. Not sure if
> it will fly in production without a "trusted" certificate, or whether that
> cert must be signed by a CA. Anyone?
>
>
> ----- Original Message -----
> From: "BJ Freeman" <bj...@free-man.net>
> To: user@ofbiz.apache.org
> Sent: Tuesday, November 27, 2007 4:59:21 PM (GMT-0700) America/Denver
> Subject: Re: POS and Authorize.net error
>
> Oh the ver 4.0 has the cvv code but the trunk does not.
>
>
> BJ Freeman sent the following on 11/27/2007 3:57 PM:
>> there are differences between the one in the ver 4.0 and trunk
>> both were updated about the same day. .
>> the trunk one checks further to see if the test property is null
>> if it is then it returns test is true.
>> where ver 4.0 looks only for a TRUE to mark it as a test.
>> if null will allow the processes to run as non test.
>>
>> David E Jones sent the following on 11/27/2007 2:58 PM:
>>> On Nov 27, 2007, at 3:38 PM, Vince M. Clark wrote:
>>>
>>>> No. Once I realized I had a cert issue I started reading up on related
>>>> ML postings and the Technical Production Setup Guide.
>>>>
>>>> In the past we were running on OpenTaps when we setup Authorize.net. I
>>>> guess all the SSL config is already done for you in Open Taps because
>>>> we never had to mess with it.
>>> Actually I think this is a new feature, and one recently required by
>>> Authorize.net because they had some cut-off date after which they would
>>> not process transactions without an encrypted connection.
>>>
>>> -David
>>>
>>
>>
>>
>
>
--
View this message in context: http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15612168.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
Re: POS and Authorize.net error
Posted by JohnBrown <mi...@softasap.net>.
Hi Vince,
Thank you for update.
Vince Clark wrote:
>
> We have gone thru the exercise of generating our own certs, but haven't
> tried changing the trustAny variable to false.
>
> Vince Clark
> Global Era
> The Freedom of Open Source
> vclark@globalera.com
> (303) 493-6723
>
> ----- Original Message -----
> From: "JohnBrown" <mi...@softasap.net>
> To: user@ofbiz.apache.org
> Sent: Thursday, February 21, 2008 9:34:31 AM (GMT-0700) America/Denver
> Subject: Re: POS and Authorize.net error
>
>
> Hi I use rev.610611 it is a month old or so. And I think I had
> trustAny=false
> there. Well, if change it to "true" it connected to gateway etc. as it was
> in your case. I was just wondering if you got it working with either
> authority or self signed cert. In other words with trustAny = false value.
>
>
> Vince Clark wrote:
>>
>> What rev are you running. When I ran into this error I changed
>> HttpClientException.java and set trustAny=true. After I changed that I
>> noticed that the same change was also committed to trunk. This was a
>> couple of months ago. If you want to keep the trusted cert restriction
>> you
>> will need to go thru the steps on the docs site to generate your own cert
>> and add it to your keystore. I think that information is in the technical
>> production setup guide. I don't think it is absolutely necessary to have
>> the cert signed by an authority but I'm just a hack on this topic, not an
>> expert.
>>
>> Vince Clark
>> Global Era
>> The Freedom of Open Source
>> vclark@globalera.com
>> (303) 493-6723
>>
>> ----- Original Message -----
>> From: "JohnBrown" <mi...@softasap.net>
>> To: user@ofbiz.apache.org
>> Sent: Thursday, February 21, 2008 7:09:38 AM (GMT-0700) America/Denver
>> Subject: Re: POS and Authorize.net error
>>
>>
>> Hi Vince,
>>
>> Had you any luck to get it working with signed CA there after? Please,
>> let
>> me know how it has ended up. Thanks.
>>
>>
>> Vince Clark wrote:
>>>
>>> Here is what I have found. The trusted certificate error comes from
>>> HttpClient.java/HttpClientException.java.
>>>
>>> In HttpClient.java I changed trustAny from trustAny=false to
>>> trustAny=true.
>>>
>>> This gets us by for testing with Authorize.net test servers. Not sure if
>>> it will fly in production without a "trusted" certificate, or whether
>>> that
>>> cert must be signed by a CA. Anyone?
>>>
>>>
>>> ----- Original Message -----
>>> From: "BJ Freeman" <bj...@free-man.net>
>>> To: user@ofbiz.apache.org
>>> Sent: Tuesday, November 27, 2007 4:59:21 PM (GMT-0700) America/Denver
>>> Subject: Re: POS and Authorize.net error
>>>
>>> Oh the ver 4.0 has the cvv code but the trunk does not.
>>>
>>>
>>> BJ Freeman sent the following on 11/27/2007 3:57 PM:
>>>> there are differences between the one in the ver 4.0 and trunk
>>>> both were updated about the same day. .
>>>> the trunk one checks further to see if the test property is null
>>>> if it is then it returns test is true.
>>>> where ver 4.0 looks only for a TRUE to mark it as a test.
>>>> if null will allow the processes to run as non test.
>>>>
>>>> David E Jones sent the following on 11/27/2007 2:58 PM:
>>>>> On Nov 27, 2007, at 3:38 PM, Vince M. Clark wrote:
>>>>>
>>>>>> No. Once I realized I had a cert issue I started reading up on
>>>>>> related
>>>>>> ML postings and the Technical Production Setup Guide.
>>>>>>
>>>>>> In the past we were running on OpenTaps when we setup Authorize.net.
>>>>>> I
>>>>>> guess all the SSL config is already done for you in Open Taps because
>>>>>> we never had to mess with it.
>>>>> Actually I think this is a new feature, and one recently required by
>>>>> Authorize.net because they had some cut-off date after which they
>>>>> would
>>>>> not process transactions without an encrypted connection.
>>>>>
>>>>> -David
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15612168.html
>> Sent from the OFBiz - User mailing list archive at Nabble.com.
>>
>>
>>
>
> --
> View this message in context:
> http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15613826.html
> Sent from the OFBiz - User mailing list archive at Nabble.com.
>
>
>
--
View this message in context: http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15618715.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
Re: POS and Authorize.net error
Posted by "Vince M. Clark" <vc...@globalera.com>.
We have gone thru the exercise of generating our own certs, but haven't tried changing the trustAny variable to false.
Vince Clark
Global Era
The Freedom of Open Source
vclark@globalera.com
(303) 493-6723
----- Original Message -----
From: "JohnBrown" <mi...@softasap.net>
To: user@ofbiz.apache.org
Sent: Thursday, February 21, 2008 9:34:31 AM (GMT-0700) America/Denver
Subject: Re: POS and Authorize.net error
Hi I use rev.610611 it is a month old or so. And I think I had trustAny=false
there. Well, if change it to "true" it connected to gateway etc. as it was
in your case. I was just wondering if you got it working with either
authority or self signed cert. In other words with trustAny = false value.
Vince Clark wrote:
>
> What rev are you running. When I ran into this error I changed
> HttpClientException.java and set trustAny=true. After I changed that I
> noticed that the same change was also committed to trunk. This was a
> couple of months ago. If you want to keep the trusted cert restriction you
> will need to go thru the steps on the docs site to generate your own cert
> and add it to your keystore. I think that information is in the technical
> production setup guide. I don't think it is absolutely necessary to have
> the cert signed by an authority but I'm just a hack on this topic, not an
> expert.
>
> Vince Clark
> Global Era
> The Freedom of Open Source
> vclark@globalera.com
> (303) 493-6723
>
> ----- Original Message -----
> From: "JohnBrown" <mi...@softasap.net>
> To: user@ofbiz.apache.org
> Sent: Thursday, February 21, 2008 7:09:38 AM (GMT-0700) America/Denver
> Subject: Re: POS and Authorize.net error
>
>
> Hi Vince,
>
> Had you any luck to get it working with signed CA there after? Please, let
> me know how it has ended up. Thanks.
>
>
> Vince Clark wrote:
>>
>> Here is what I have found. The trusted certificate error comes from
>> HttpClient.java/HttpClientException.java.
>>
>> In HttpClient.java I changed trustAny from trustAny=false to
>> trustAny=true.
>>
>> This gets us by for testing with Authorize.net test servers. Not sure if
>> it will fly in production without a "trusted" certificate, or whether
>> that
>> cert must be signed by a CA. Anyone?
>>
>>
>> ----- Original Message -----
>> From: "BJ Freeman" <bj...@free-man.net>
>> To: user@ofbiz.apache.org
>> Sent: Tuesday, November 27, 2007 4:59:21 PM (GMT-0700) America/Denver
>> Subject: Re: POS and Authorize.net error
>>
>> Oh the ver 4.0 has the cvv code but the trunk does not.
>>
>>
>> BJ Freeman sent the following on 11/27/2007 3:57 PM:
>>> there are differences between the one in the ver 4.0 and trunk
>>> both were updated about the same day. .
>>> the trunk one checks further to see if the test property is null
>>> if it is then it returns test is true.
>>> where ver 4.0 looks only for a TRUE to mark it as a test.
>>> if null will allow the processes to run as non test.
>>>
>>> David E Jones sent the following on 11/27/2007 2:58 PM:
>>>> On Nov 27, 2007, at 3:38 PM, Vince M. Clark wrote:
>>>>
>>>>> No. Once I realized I had a cert issue I started reading up on related
>>>>> ML postings and the Technical Production Setup Guide.
>>>>>
>>>>> In the past we were running on OpenTaps when we setup Authorize.net. I
>>>>> guess all the SSL config is already done for you in Open Taps because
>>>>> we never had to mess with it.
>>>> Actually I think this is a new feature, and one recently required by
>>>> Authorize.net because they had some cut-off date after which they would
>>>> not process transactions without an encrypted connection.
>>>>
>>>> -David
>>>>
>>>
>>>
>>>
>>
>>
>
> --
> View this message in context:
> http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15612168.html
> Sent from the OFBiz - User mailing list archive at Nabble.com.
>
>
>
--
View this message in context: http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15613826.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
Re: POS and Authorize.net error
Posted by JohnBrown <mi...@softasap.net>.
Hi I use rev.610611 it is a month old or so. And I think I had trustAny=false
there. Well, if change it to "true" it connected to gateway etc. as it was
in your case. I was just wondering if you got it working with either
authority or self signed cert. In other words with trustAny = false value.
Vince Clark wrote:
>
> What rev are you running. When I ran into this error I changed
> HttpClientException.java and set trustAny=true. After I changed that I
> noticed that the same change was also committed to trunk. This was a
> couple of months ago. If you want to keep the trusted cert restriction you
> will need to go thru the steps on the docs site to generate your own cert
> and add it to your keystore. I think that information is in the technical
> production setup guide. I don't think it is absolutely necessary to have
> the cert signed by an authority but I'm just a hack on this topic, not an
> expert.
>
> Vince Clark
> Global Era
> The Freedom of Open Source
> vclark@globalera.com
> (303) 493-6723
>
> ----- Original Message -----
> From: "JohnBrown" <mi...@softasap.net>
> To: user@ofbiz.apache.org
> Sent: Thursday, February 21, 2008 7:09:38 AM (GMT-0700) America/Denver
> Subject: Re: POS and Authorize.net error
>
>
> Hi Vince,
>
> Had you any luck to get it working with signed CA there after? Please, let
> me know how it has ended up. Thanks.
>
>
> Vince Clark wrote:
>>
>> Here is what I have found. The trusted certificate error comes from
>> HttpClient.java/HttpClientException.java.
>>
>> In HttpClient.java I changed trustAny from trustAny=false to
>> trustAny=true.
>>
>> This gets us by for testing with Authorize.net test servers. Not sure if
>> it will fly in production without a "trusted" certificate, or whether
>> that
>> cert must be signed by a CA. Anyone?
>>
>>
>> ----- Original Message -----
>> From: "BJ Freeman" <bj...@free-man.net>
>> To: user@ofbiz.apache.org
>> Sent: Tuesday, November 27, 2007 4:59:21 PM (GMT-0700) America/Denver
>> Subject: Re: POS and Authorize.net error
>>
>> Oh the ver 4.0 has the cvv code but the trunk does not.
>>
>>
>> BJ Freeman sent the following on 11/27/2007 3:57 PM:
>>> there are differences between the one in the ver 4.0 and trunk
>>> both were updated about the same day. .
>>> the trunk one checks further to see if the test property is null
>>> if it is then it returns test is true.
>>> where ver 4.0 looks only for a TRUE to mark it as a test.
>>> if null will allow the processes to run as non test.
>>>
>>> David E Jones sent the following on 11/27/2007 2:58 PM:
>>>> On Nov 27, 2007, at 3:38 PM, Vince M. Clark wrote:
>>>>
>>>>> No. Once I realized I had a cert issue I started reading up on related
>>>>> ML postings and the Technical Production Setup Guide.
>>>>>
>>>>> In the past we were running on OpenTaps when we setup Authorize.net. I
>>>>> guess all the SSL config is already done for you in Open Taps because
>>>>> we never had to mess with it.
>>>> Actually I think this is a new feature, and one recently required by
>>>> Authorize.net because they had some cut-off date after which they would
>>>> not process transactions without an encrypted connection.
>>>>
>>>> -David
>>>>
>>>
>>>
>>>
>>
>>
>
> --
> View this message in context:
> http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15612168.html
> Sent from the OFBiz - User mailing list archive at Nabble.com.
>
>
>
--
View this message in context: http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15613826.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
Re: POS and Authorize.net error
Posted by "Vince M. Clark" <vc...@globalera.com>.
What rev are you running. When I ran into this error I changed HttpClientException.java and set trustAny=true. After I changed that I noticed that the same change was also committed to trunk. This was a couple of months ago. If you want to keep the trusted cert restriction you will need to go thru the steps on the docs site to generate your own cert and add it to your keystore. I think that information is in the technical production setup guide. I don't think it is absolutely necessary to have the cert signed by an authority but I'm just a hack on this topic, not an expert.
Vince Clark
Global Era
The Freedom of Open Source
vclark@globalera.com
(303) 493-6723
----- Original Message -----
From: "JohnBrown" <mi...@softasap.net>
To: user@ofbiz.apache.org
Sent: Thursday, February 21, 2008 7:09:38 AM (GMT-0700) America/Denver
Subject: Re: POS and Authorize.net error
Hi Vince,
Had you any luck to get it working with signed CA there after? Please, let
me know how it has ended up. Thanks.
Vince Clark wrote:
>
> Here is what I have found. The trusted certificate error comes from
> HttpClient.java/HttpClientException.java.
>
> In HttpClient.java I changed trustAny from trustAny=false to
> trustAny=true.
>
> This gets us by for testing with Authorize.net test servers. Not sure if
> it will fly in production without a "trusted" certificate, or whether that
> cert must be signed by a CA. Anyone?
>
>
> ----- Original Message -----
> From: "BJ Freeman" <bj...@free-man.net>
> To: user@ofbiz.apache.org
> Sent: Tuesday, November 27, 2007 4:59:21 PM (GMT-0700) America/Denver
> Subject: Re: POS and Authorize.net error
>
> Oh the ver 4.0 has the cvv code but the trunk does not.
>
>
> BJ Freeman sent the following on 11/27/2007 3:57 PM:
>> there are differences between the one in the ver 4.0 and trunk
>> both were updated about the same day. .
>> the trunk one checks further to see if the test property is null
>> if it is then it returns test is true.
>> where ver 4.0 looks only for a TRUE to mark it as a test.
>> if null will allow the processes to run as non test.
>>
>> David E Jones sent the following on 11/27/2007 2:58 PM:
>>> On Nov 27, 2007, at 3:38 PM, Vince M. Clark wrote:
>>>
>>>> No. Once I realized I had a cert issue I started reading up on related
>>>> ML postings and the Technical Production Setup Guide.
>>>>
>>>> In the past we were running on OpenTaps when we setup Authorize.net. I
>>>> guess all the SSL config is already done for you in Open Taps because
>>>> we never had to mess with it.
>>> Actually I think this is a new feature, and one recently required by
>>> Authorize.net because they had some cut-off date after which they would
>>> not process transactions without an encrypted connection.
>>>
>>> -David
>>>
>>
>>
>>
>
>
--
View this message in context: http://www.nabble.com/POS-and-Authorize.net-error-tp13926360p15612168.html
Sent from the OFBiz - User mailing list archive at Nabble.com.