Jump to content

PayPal IPN Unspecified Errors


lyndsiesal

Recommended Posts

Is there somewhere I can view more details on PayPal IPN messages?  In PayPal I see the status as "sent" but in my Cubecart transaction log I'm getting a high number of "unspecified error" in the notes section.  These are complete payments with no obvious issues or errors.  The unspecified error is preventing the cart from changing the order status on digital orders, which is an issue when customers expect "instant download".  Thanks.

Link to comment
Share on other sites

If some are verified and some are invalid, there may be a mismatch between what PayPal has sent in its IPN versus what the module verifies with PayPal. (It seems it will be somewhat complicated to view this data.)

However, since some work and others fail, I will rule out the possibility that the mechanism to talk to PayPal is not at fault - specifically the secure protocol: TLSv1.2.

Let's look anyway. In admin, PHP Info, scroll to the curl table. In that table, look for SSL Version. It must be OpenSSL/1.0.2x where x is a letter, probably 'n'.

Do the invalid records in Request Log show the order's details?

Link to comment
Share on other sites

To be honest, I do not know if PayPal is rejecting https connections using older TLS protocols. Havenswift will know if OpenSSL/1.0.0 is good enough for those who are demanding TLSv1.2.

I was a thought, and I didn't expect much considering, so far, we have not explained why some transactions are good and some fail.

Maybe a PayPal merchant account support person can look at a recent IPN handshake and determine why PayPal sent back INVALID.

 

Link to comment
Share on other sites

Yes, but if OpenSSLv1.0.1 will minimally support TLS1.2, as I infer from your statement, do you think this may be the reason why PayPal is sending an INVALID response? Might they be wanting TLS1.3?

Edited by bsmither
Link to comment
Share on other sites

PayPal along with all other payment gateways have been sending out emails to all users for about a year saying that TLS1.2 will be required and older insecure protocols will not be supported and as the user here appears to be using 1.0.0 (even that is deceptive as many distributions dont upgrade openSSL but back port security patches).  I would expect that the INVALID response will be caused by that but as all of our servers were TLS1.2 compliant four or five years ago, have never come across this.

All payment providers have only just been forced into using TLS1.2 so it is going to be a VERY long time before they force TLS1.3 - it was only released less than a year ago and cPanel for example doesnt even support it yet.

Link to comment
Share on other sites

  • 2 months later...

I'm out of my depth here so will appreciate any help.

Having read the above thread I see that my recently upgraded version of Cubecart (6.2) reports OpenSSl/1.0.1t in the curl table. How does this translate into TLS 1.2? How do I effect an upgrade? Our shop is https://shop.stithians.show/index.php 

Link to comment
Share on other sites

Hi

As I mentioned above OpenSSL, 1.0.1 will support TLS1.2 so assuming that your SSL certificate itself is TLS1.2 compliant (all *should* be now !) then you are covered although that is still an old version of OpenSSL that has huge numbers of security vulnerabilities - see https://www.cvedetails.com/vulnerability-list/vendor_id-217/product_id-383/version_id-202288/Openssl-Openssl-1.0.1t.html

Updating that is the responsibility of your hosting company and something they should do automatically - however, many hosting companies are pretty poor about updating things like this, especially the larger generic hosting companies, and you are much better off using a specialist E-Commerce hosting company

Ian

Link to comment
Share on other sites

  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...