Jump to content

Recommended Posts

Hi all,

I'm wondering if someone can point me in the right direction here.  We've setup our CubeCart shop and all seems to be going well - until we actually tried to purchase something.  We've installed the Paypal ecommerce module, linked it to our paypal account and that all went well.   I then go on to the website, add a product to cart, then view cart and check out using paypal.  The program has me logon to paypal ok - then returns me to the payment screen, I tick the agree to terms * conditions box, then pay.  I then am returned to the program with:  

Many thanks for your order! The order status is currently pending but it will automatically update to processing once payment is confirmed. Normally this is automated and will happen within the hour but please do contact us if you require more information.

So for all intents and purposes, it has worked - however, no money ever comes out of my paypal account, nor does it go into the seller paypal account.  The purchase shows up in the store 'dashboard' and I thought perhaps I have to change it from pending to processing to order complete - but nothing (as in money transfer) happens.

I've not changed any of the default settings - so what could be wrong please?   I've gone and disassociated the account and removed and reinstalled the extension - cleared cache, but nothing seems to work.

We are using the very latest version of Cubecart, the default foundation skin and the latest paypal commerce extension.

 

Link to post
Share on other sites

When you login to the seller account can you see the transaction at all? If so you may need to accept it and then choose to always automatically.

Thee could also be a hosting compatibility issue. Have a look at your request log for errors.

Link to post
Share on other sites

lots of stuff !!  The RED errors are:

 

Error: cURL Error (22): NSS: client certificate not found (nickname not specified)
Response received (422 - Unprocessable Entity)
 
 

i found your other thread about the Curl error.  I've updated our server to OpenSSL 1.1.1 - which is the latest.  Tried again, but still get this error in the log:

 

 

Error:cURL Error (22): NSS: client certificate not found (nickname not specified)
Response received (400 - Bad Request)

so, the response has changed from 422 to 400.

Link to post
Share on other sites

It's something to do with the cURL openSSL configuration. I believe it's failing to validate the SSL certificate at the PayPal Endpoint.

An experienced server admin should be able to resolve this. I don't believe there are any issues with our integration.

Link to post
Share on other sites

I haven't found much in the way of solutions to this.

https://stackoverflow.com/questions/15773806/nss-client-certificate-not-found-nickname-not-specified

This has come up a few times recently. It maybe that we can code it to check the certificate by adding a local path but I'm unsure at this time.

Link to post
Share on other sites

ok, yes, that would be good.  I have found this test (to do from the server root command line)

openssl s_client -connect api-3t.sandbox.paypal.com:443 -showcerts | egrep -wi "G5|return"

I get an error:  

 

depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA

verify error:num=20:unable to get local issuer certificate

    Verify return code: 20 (unable to get local issuer certificate)

 

so, once that is fixed, I'm assuming I can revert to the other extension.  

Link to post
Share on other sites

That does seem to verify what I am saying.

Try it with this endpoint which is the one used for PayPal Commerce API endpoint.

api.paypal.com

This matches the endpoint in your request log above.

 

7 minutes ago, [email protected] said:

so, once that is fixed, I'm assuming I can revert to the other extension.  

Yes. 👍🏻

I expect local issuer certificates can be imported to your server.

Link to post
Share on other sites
21 hours ago, [email protected] said:

running this works fine:   openssl s_client -CApath /etc/ssl/certs/ -connect paypal.com:443

 

 

is there anyway I can change the paypal commerce extension to reflect that URL?

Interesting. Is it possible to tweak the openssl config to specify that default path rather than specifying it as an argument?

https://security.stackexchange.com/questions/142159/how-to-get-openssl-to-use-a-cert-without-specifying-it-via-cafile

https://www.phildev.net/ssl/opensslconf.html 

Link to post
Share on other sites

It looks like you may be able to specify this in the php.ini file.

https://www.php.net/manual/en/openssl.configuration.php 

openssl.capath = /etc/ssl/certs

Or it may be possible to add a file to the root folder of your store called ini-custom.inc.php with content;

<?php
ini_set('openssl.capath','/etc/ssl/certs');

 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...