I've just been sent a link by a colleague saying that Paypal are rolling out some changes in June.
We've got a few client sites running TeaCommerce 1.4.2.4 with PayPal.
As this is an old version of TeaCommerce I am not quite sure what it means for us.
Will this change break all these sites?
If so, will there be a fix available or is it something we will need to do something about?
That should not be a problem as it has something to do with PayPal and HTTPS connection. Can't remember which encryption .NET uses as default when connecting to HTTPS, but I think you should be safe.
For reference for others: when testing my site against the sandbox I get this error when they try and return the IPN request, so payments get taken but the site doesn't register them
MESSAGE: Exception has been thrown by the target of an invocation.
STACKTRACE: at System.RuntimeMethodHandle.InvokeMethod(Object target,
Object[] arguments, Signature sig, Boolean constructor) at
System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj,
Object[] parameters, Object[] arguments) at
System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags
invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at
TeaCommerce.Presentation.TeaCommerceBase.RequestModule.invokeMethod(restExtension
myExtension, Object[] paras) INNEREXCEPTION: System.Net.WebException:
The request was aborted: Could not create SSL/TLS secure channel. at
System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream() at
TeaCommerce.Data.Payment.APaymentProvider.MakePostRequest(String url,
String request, NetworkCredential credentials) at
TeaCommerce.PaymentProviders.PayPal.ProcessCallback(Order order,
HttpRequest request, Dictionary`2 settings) at
TeaCommerce.Base.PaymentCallback(IPaymentProvider
paymentProviderInstance, Int64 orderId) at
TeaCommerce.Base.PaymentCallback(String alias, String
encryptedOrderId)
Hopefully I can work a fix but the TeaCommerce version is so old, I'm not sure if the code I'm using is in github.
I have used the version of the payment providers that you have given above to attempt to apply the fix.
I am unsure as yet if it will work but I have added
in the process callback function as this appears to be the closest I can get to the place it seems to be required.
When I apply the payment providers dll to a test site I get this error when trying to access the payment methods:
Method 'GenerateForm' in type 'TeaCommerce.PaymentProviders.DIBS' from assembly 'TeaCommerce.PaymentProviders, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' does not have an implementation.
I assume the reason for this is my teacommerce version does not match with the payment providers version?
If this is the case I am wondering if you can help with my options?
Is it possible to upgrade my teacommerce version, if only a little bit to match the payment providers?
Assuming you know which versions match?
Or is it possible for you to update the teacommerce 1.4.2.4 core code to include the tls change?
or do I need to update the site entirely to run the latest version of teacommerce and what are the licence implications?
We have numerous sites running older versions of teacommerce with numerous payment providers and although PayPal seems to be the only one applying this update the guidelines say it's going to need to be applied across the board at some point in the relatively near future so I'd rather work out what I am going to need to do now!
I think you navigate to the url https://tlstest.paypal.com that is mentioned in the PayPal article in a browser on your hosting server it will tell you if your machine supports the required protocols.
I have a site running TC v1.4.2 and I need to make sure that it will continue to work after the PayPal updates.
One of the things mentioned here is that all IPN postbacks will have to use HTTPS.
Becky was HTTPS set up for your site? I'm assuming that it was.
Anders can you confirm that sites running TC v1.4 will need to be running a custom PayPal provider that sets the security protocol as found by Becky in order to work?
We have never used PayPal for one of our own clients so I don't know the exact process of have a site that works with PayPal. So I can confirm what is needed - BUT I know that the line of code Bex has written back in Mar 18, 2016 isn't in the payment provider code. So i dont know if this should be in the PayPal provider code as standard or if differs. Maybe you giys can help figure it out, and then make a pull request for the provider when you know it. Would be happy tp update the code if it doesn't work because of a PayPal update. But as we dont have a live or test account it is pretty hard to do any live debugging and testing :)
The only thing I changed was the tls setting on the post in the payment provider code.
I didn't have to change anything else.
I did a test to the IPN test page from page within the site and all was fine so I'm assuming that it will be fine.
I've submitted pull requests for v1, 2 & 3 of the TC payment providers to fix this problem.
Bex please note that the fix you have made above is not quite complete. You need to add the same code to CapturePayment, RefundPayment, CancelPayment & InternalGetStatus.
Thanks for the info.
Didn't realize it needed adding in different places too, it all seems to be working here, but definitely good to know in case any problems crop up.
Yes, in the TC back-end UI there are buttons on the order tab that enable refunds, cancellations etc. They also communicate with PayPal using https so will also fail without the changes.
PayPal Updates With TeaCommerce 1.4.2.4
Hi
I've just been sent a link by a colleague saying that Paypal are rolling out some changes in June.
We've got a few client sites running TeaCommerce 1.4.2.4 with PayPal.
As this is an old version of TeaCommerce I am not quite sure what it means for us. Will this change break all these sites? If so, will there be a fix available or is it something we will need to do something about?
Thanks for your help
Becky
Hi Becky
That should not be a problem as it has something to do with PayPal and HTTPS connection. Can't remember which encryption .NET uses as default when connecting to HTTPS, but I think you should be safe.
Else the payment providers is open source:
https://github.com/TeaCommerce/Payment-providers
Kind regards
Anders
For reference for others: when testing my site against the sandbox I get this error when they try and return the IPN request, so payments get taken but the site doesn't register them
Hopefully I can work a fix but the TeaCommerce version is so old, I'm not sure if the code I'm using is in github.
The code for version 1 of Tea Commerce providers is here. BUT cant remember if this is compiled with the latest version 1.
https://github.com/TeaCommerce/Payment-providers/tree/1.x
Kind regards
Anders
Thanks Anders! I will investigate.
Hi
I am still investigating this and have found a possible fix :
http://stackoverflow.com/questions/34939523/the-request-was-aborted-could-not-create-ssl-tls-secure-channel-sandbox-account
I have used the version of the payment providers that you have given above to attempt to apply the fix. I am unsure as yet if it will work but I have added
in the process callback function as this appears to be the closest I can get to the place it seems to be required.
When I apply the payment providers dll to a test site I get this error when trying to access the payment methods:
I assume the reason for this is my teacommerce version does not match with the payment providers version?
If this is the case I am wondering if you can help with my options?
Is it possible to upgrade my teacommerce version, if only a little bit to match the payment providers? Assuming you know which versions match?
Or is it possible for you to update the teacommerce 1.4.2.4 core code to include the tls change?
or do I need to update the site entirely to run the latest version of teacommerce and what are the licence implications?
We have numerous sites running older versions of teacommerce with numerous payment providers and although PayPal seems to be the only one applying this update the guidelines say it's going to need to be applied across the board at some point in the relatively near future so I'd rather work out what I am going to need to do now!
Thanks for any help
Ok, got so caught up in the fact my teacommerce was so old I forgot I could actually create a properly custom payment provider.
This I have now done and it is all working! :)
I have added
in the process callback.
Sweet you got it working!
Hello Becky,
I think you navigate to the url https://tlstest.paypal.com that is mentioned in the PayPal article in a browser on your hosting server it will tell you if your machine supports the required protocols.
Matt
I have a site running TC v1.4.2 and I need to make sure that it will continue to work after the PayPal updates.
One of the things mentioned here is that all IPN postbacks will have to use HTTPS. Becky was HTTPS set up for your site? I'm assuming that it was.
Anders can you confirm that sites running TC v1.4 will need to be running a custom PayPal provider that sets the security protocol as found by Becky in order to work?
How about TC v2 or v3?
Thanks,
Matt
Hi Matt
We have never used PayPal for one of our own clients so I don't know the exact process of have a site that works with PayPal. So I can confirm what is needed - BUT I know that the line of code Bex has written back in Mar 18, 2016 isn't in the payment provider code. So i dont know if this should be in the PayPal provider code as standard or if differs. Maybe you giys can help figure it out, and then make a pull request for the provider when you know it. Would be happy tp update the code if it doesn't work because of a PayPal update. But as we dont have a live or test account it is pretty hard to do any live debugging and testing :)
Kind regards
Anders
The only thing I changed was the tls setting on the post in the payment provider code. I didn't have to change anything else. I did a test to the IPN test page from page within the site and all was fine so I'm assuming that it will be fine.
If it helps. This is the code I have in the custom Paypal code for 1.4.2.4: It's exactly the same as the orginal but with that line I mentioned above.
I will surely look at the code but I assume that this is going to be a problem across all versions 1 to 3 if they use the same provider.
Yes - if there is a problem in version 3 it will most likely also be in v 1 + 2 as the provider code is almost the same all the way.
I've submitted pull requests for v1, 2 & 3 of the TC payment providers to fix this problem.
Bex please note that the fix you have made above is not quite complete. You need to add the same code to CapturePayment, RefundPayment, CancelPayment & InternalGetStatus.
Kind regards,
Matt
Hi Matt
Thanks for the info. Didn't realize it needed adding in different places too, it all seems to be working here, but definitely good to know in case any problems crop up.
Bex
Yes, in the TC back-end UI there are buttons on the order tab that enable refunds, cancellations etc. They also communicate with PayPal using https so will also fail without the changes.
is working on a reply...