Post by deuce » Thu Aug 05, 2010 2:45 am

So, I have a valid GoDaddy SSL cert installed, and my browser shows full security after I fixed a few minor calls from unsecure locations. The system is in test mode and I am trying to check out with the test card 4111... and I keep getting the error message:
SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
I called FirstData and they are saying that sounds nothing like any of their errors. I was hoping someone might be able to help shed some light on the subject. You can see the current development cart at https://www[dot]fastfreeze[dot]com/products/

Thanks!!


Post by Qphoria » Thu Aug 05, 2010 4:07 am

The error is a curl ssl error. FirstData supplies their own *.pem file, which seems to override your SSL certificate. No other gateway I've seen does this, and I've never seen this error with any other gateway besides firstdata. But firstdata will just deny deny deny everything with no useful feedback.

Googling shows that this error "should" be able to be worked around by passing in additional parameters. But the firstdata api example looks like this:

Code:

$ch = curl_init ();
curl_setopt ($ch, CURLOPT_URL,$host);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt ($ch, CURLOPT_SSLCERT, $key);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);

My code uses the exact same when executed normally:

Code:

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSLCERT, './' . $this->config->get('firstdata_api_key'));

But if you google that error with "firstdata" in the search, you can see there are a few others having the exact same problem:
http://www.google.com/search?hl=en&clie ... =&gs_rfai=

However it looks like some sites have found workarounds. The Magento Linkpoint module shows they added:

curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0); // Needed SSL certificate problem, verify that the CA cert is OK
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0); // Needed SSL: certificate subject name 'dev.linkpoint.com'

to get around some of the errors that they were getting. But it is ridiculous that developers have to hack in these workarounds because firstdata can't get their shit together. As some have stated they are losing millions because they are too cheap to update their SSL cert to their new name (they are still using lnkpt.net instead of firstdata.com or linkpoint.com). So firstdata needs to step up and start facing up to the issue.

Using Magento's example, for those using my module and getting the SSL certificate problem, try this as a workaround:

1. EDIT: catalog/controller/payment/firstdata_api.php
2. FIND:

Code:

if ($this->config->get('firstdata_api_key')) {
	curl_setopt($ch, CURLOPT_SSLCERT, './' . $this->config->get('firstdata_api_key'));
} else {
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
}

3. REPLACE WITH:

Code:

curl_setopt($ch, CURLOPT_SSLCERT, './' . $this->config->get('firstdata_api_key'));
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);

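A variant of the curl call discussed in this thread that leaves certificate verification on: the gateway-issued client certificate stays in CURLOPT_SSLCERT, and the CA that issued the gateway's own certificate is supplied through CURLOPT_CAINFO. This is an added example, not code from the posts above or from the OpenCart module; gateway_post(), the file arguments and the command-line wrapper are assumptions, and the CA bundle is assumed to have been obtained and checked separately.

```php
<?php
// Added example. gateway_post(), the paths and the CLI arguments are assumptions.
function gateway_post(string $url, string $xml, string $clientPem, string $caBundle): array
{
    foreach ([$clientPem, $caBundle] as $file) {
        if (!is_readable($file)) {
            throw new RuntimeException("Cannot read PEM file: $file");
        }
    }
    $ch = curl_init();
    curl_setopt_array($ch, [
        CURLOPT_URL            => $url,
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => $xml,
        CURLOPT_RETURNTRANSFER => true,
        // Client certificate (the gateway-issued .pem): identifies the store to the gateway.
        CURLOPT_SSLCERT        => $clientPem,
        // Trust anchors used to verify the gateway's own certificate chain.
        CURLOPT_CAINFO         => $caBundle,
        CURLOPT_SSL_VERIFYPEER => true, // chain must lead to a CA in $caBundle
        CURLOPT_SSL_VERIFYHOST => 2,    // certificate name must match the host in $url
        CURLOPT_TIMEOUT        => 30,
    ]);
    $body = curl_exec($ch);
    return [
        'ok'            => $body !== false,
        'body'          => $body === false ? null : $body,
        // 60: server certificate failed verification (older libcurl used 51 for a name mismatch).
        'errno'         => curl_errno($ch),
        'error'         => curl_error($ch),
        // Certificate verification result reported by the TLS library: 0 means success.
        'verify_result' => curl_getinfo($ch, CURLINFO_SSL_VERIFYRESULT),
    ];
}

// Command-line use: php gateway_check.php <url> <request.xml> <client.pem> <ca-bundle.pem>
if (PHP_SAPI === 'cli' && isset($argv) && count($argv) === 5) {
    $xml = file_get_contents($argv[2]);
    if ($xml === false) {
        exit("Cannot read request file\n");
    }
    $r = gateway_post($argv[1], $xml, $argv[3], $argv[4]);
    echo $r['ok']
        ? $r['body'] . "\n"
        : "curl error {$r['errno']}: {$r['error']} (verify result {$r['verify_result']})\n";
    exit($r['ok'] ? 0 : 1);
}
```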

Post by deuce » Thu Aug 05, 2010 4:20 am

Thanks Q! That got rid of that error.
Have another one now, but it looks like a real error from the gateway.
Let's hope I don't have to post back. :-)
