0

I have PHP running on godaddy linux and it calls into Authorize.Net APIs. 20% of the time it works fine (end to end), 80% of the time authnet returns an empty result. Same data being sent every time, apples-to-apples.

Here is my curl:

$gatewayAddress = "https://api2.authorize.net/xml/v1/request.api";

$curlHandler = curl_init();
curl_setopt ($curlHandler, CURLOPT_URL, $gatewayAddress);
curl_setopt ($curlHandler, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($curlHandler, CURLOPT_HEADER, 0);
curl_setopt ($curlHandler, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($curlHandler, CURLOPT_VERBOSE, true); 
$verbose = fopen('php://temp', 'w+'); 
curl_setopt($curlHandler, CURLOPT_STDERR, $verbose); 
curl_setopt ($curlHandler, CURLOPT_CONNECTTIMEOUT, 300); 
curl_setopt ($curlHandler, CURLOPT_SSL_VERIFYPEER, false); 
curl_setopt ($curlHandler, CURLOPT_SSL_VERIFYHOST, false); 
curl_setopt ($curlHandler, CURLOPT_DNS_USE_GLOBAL_CACHE, false ); 
curl_setopt ($curlHandler, CURLOPT_POST, true);
curl_setopt ($curlHandler, CURLOPT_POSTFIELDS, $postString);
$result = curl_exec($curlHandler);

Here is the debug output from the curl:

*   Trying 198.241.207.102:443...
* Connected to secure2.authorize.net (198.241.207.102) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLSv1.2 / AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=US; ST=California; L=Foster City; O=Authorize.Net; CN=*.authorize.net
*  start date: Feb  5 20:44:08 2020 GMT
*  expire date: Mar 15 21:14:08 2021 GMT
*  issuer: C=US; O=Entrust, Inc.; OU=See www.entrust.net/legal-terms; OU=(c) 2012 Entrust, Inc. - for authorized use only; CN=Entrust Certification Authority - L1K
*  SSL certificate verify ok.
> POST /gateway/transact.dll HTTP/1.1

Host: secure2.authorize.net
Accept: */*
Content-Length: 638
Content-Type: application/x-www-form-urlencoded

* upload completely sent off: 638 out of 638 bytes
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Cache-Control: no-cache, no-store, must-revalidate
< Pragma: no-cache
< Content-Type: text/html
< Expires: -1
< Date: Wed, 17 Jun 2020 19:38:21 GMT
< X-Cnection: close
< Content-Length: 317
< 
* Connection #0 to host secure2.authorize.net left intact

I'm uncertain whether I should be calling authnet, or finding a problem on linux/apache/server-setup, etc.

Any ideas?

HerrimanCoder
  • 6,835
  • 24
  • 78
  • 158
  • Are you using `https://secure2.authorize.net` as your URL? If so, try using their new URL: `https://api2.authorize.net/xml/v1/request.api`. – John Conde Jun 17 '20 at 20:01
  • I was using secure2, but just changed it to the newer URL - same problem. – HerrimanCoder Jun 17 '20 at 21:29
  • If you provide a complete example I can see if I can reproduce it o my end – John Conde Jun 17 '20 at 21:36
  • Have you tried with curl on the command line with same parameters on your server ? – px1mp Jun 17 '20 at 21:37
  • px: It's a nightmare trying to get all those php curl options translated to windows cmd-line. Postman does a pretty good job, but windows cmd rejects it with many errors. – HerrimanCoder Jun 17 '20 at 22:30
  • **[You should not switch off `CURLOPT_SSL_VERIFYHOST` or `CURLOPT_SSL_VERIFYPEER`](https://paragonie.com/blog/2017/10/certainty-automated-cacert-pem-management-for-php-software)**. It could be a security risk! [Here is how to get the certificate bundle if your server is missing one](https://stackoverflow.com/a/32095378/1839439) – Dharman Jun 19 '20 at 14:51
  • @HerrimanCoder Is this still an issue for you? If so, can you add a complete example that we can use to try to debug the issue with? – John Conde Jun 20 '20 at 16:56

0 Answers0