Re: [WebDNA] TLS 1.2 and [tcpconnect]
This WebDNA talk-list message is from 2018
It keeps the original formatting.
numero = 114005
interpreted = N
texte = 1605--Apple-Mail-E506D07D-2A00-4C97-82DC-F3AC4F1AB00AContent-Type: text/plain;charset=utf-8Content-Transfer-Encoding: quoted-printableI never found a work around and this was to easy to use while I cross code t=o my Linux server. I can host this lane for others to use if you want. Get i=n touch with me by phone all you have to do is send the code the right way a=nd I=E2=80=99ll approve your submissionsRobert MinorCybermill.com314-962-4024 ext 500> On Mar 1, 2018, at 11:53, Brian Willson
wrote:>=20> Hi, Donovan.>=20> If you manage to come up with something that=E2=80=99ll work with outgoing= connections on my current server, I=E2=80=99d be internally grateful.>=20> Thanks so much.>=20> Brian>=20> ---> Brian Willson> www.3ip.com>=20>=20>> On Mar 1, 2018, at 12:43 PM, dbrooke@euca.us wrote:>>=20>> Hi Brian,>>=20>> Bob is offering a work-around.. but I would think you could disable old v=ersions of TLS on your server too.>>=20>> I have to look into this as well... in fact, everyone who is using Authne=t should look into this if they haven't already.>>=20>> I'll try to get some time tonight to look at it.>>=20>> Donovan>>=20>>=20>>=20>>=20>>=20>>> On 2018-03-01 10:29, Brian Willson wrote:>>> I didn=E2=80=99t fully read this, I guess...>>>=20>>> So no version of Mac OS X server can force outgoing TLS 1.2>>> connections? Assuming so, I WILL need a new server to handle this, I>>> guess.>>>=20>>> Thanks.>>>=20>>> Brian>>>=20>>> --->>> Brian Willson>>> www.3ip.com [41]>>>=20>>>>>>=20>>>=20>>>> On Mar 1, 2018, at 9:37 AM, Bob Minor >>>> wrote:>>>>=20>>>> No the older protocols cannot be completed turned off. Apples>>>> she=E2=80=99ll script uses the older connection.>>>>=20>>>> All you need to do i>>>>=20>>>> Change the tcpconnect to your new servers page>>>>=20>>>> http://mynewserver.com/authnetpost.tpl [34]>>>>=20>>>> Create the page on the new server authnetpost.tpl>>>>=20>>>> On that page read the posted variables and resend them using the>>>> newer servers tcp connect which is already updated. This is the same>>>> exact code as you have on your old server. Only with the read>>>> variables.>>>>=20>>>> When I get to my server I will send you the PHP to do this, but you>>>> can do it with WebDNA>>>>=20>>>> Robert Minor>>>> Cybermill.com [35]>>>> 314-962-4024 ext 500>>>>=20>>>> On Mar 1, 2018, at 08:28, Jym Duane >>>> wrote:>>>>=20>>>>> Robert>>>>>=20>>>>> I am in the process (expense) of moving a site to an updated>>>>> server, in order to have TLS1.2 to do the tcp connect.>>>>>=20>>>>> this sounds like after i do that i wont be able to still? is that>>>>> due to webdna?>>>>>=20>>>>> will be updated to latest centos and Apache to support the TLS1.2>>>>>=20>>>>> have not got completely there yet to try it.>>>>>=20>>>>> Please send script as a workaround either while transitioning or>>>>> after if needed would be greatly appreciated.>>>>>=20>>>>> PS- i think older protocols can be tuned off on the server?>>>>> Jym>>>>>=20>>>>>> On 3/1/2018 6:12 AM, Bob Minor wrote:>>>>>>=20>>>>>> No not at all. I can send you the php script or you can do the>>>>>> same thing with webdna on a newer server>>>>>>=20>>>>>> All I really do is read the post variables and resend them to>>>>>> authnet as another tcpconnect so to speak. But this would be>>>>>> running on an updated server.>>>>>>=20>>>>>> Robert Minor>>>>>> Cybermill.com [23]>>>>>> 314-962-4024 ext 500>>>>>>=20>>>>>> On Mar 1, 2018, at 07:52, Brian Willson >>>>>> wrote:>>>>>>=20>>>>>>> Yikes. Sounds complicated.>>>>>>>=20>>>>>>> Is there no way to tweak the [tcpconnect] script to>>>>>>> accommodate TLS 1.2 and/or its ciphers? If not, that would>>>>>>> prove a major setback here.>>>>>>>=20>>>>>>> Brian>>>>>>>=20>>>>>>> --->>>>>>> Brian Willson>>>>>>>=20>>>>>>> www.3ip.com [18]>>>>>>>=20>>>>>>>> On Mar 1, 2018, at 7:42 AM, Bob Minor>>>>>>>> wrote:>>>>>>>>=20>>>>>>>> I got around it by running my own Linux server that does the>>>>>>>> php call to authnet and dumps the data just as the gateway>>>>>>>> did. kinda like a gateway for my gateway.>>>>>>>>=20>>>>>>>> Robert Minor>>>>>>>> Cybermill.com [12]>>>>>>>> 314-962-4024 ext 500>>>>>>>>=20>>>>>>>> On Mar 1, 2018, at 06:34, Brian Willson >>>>>>> [13]> wrote:>>>>>>>>=20>>>>>>>>> Hey, everybody.>>>>>>>>>=20>>>>>>>>> For years I=E2=80=99ve been using [tcpconnect] to connect my>>>>>>>>> online shopping carts with Authorize.net [1]=E2=80=99s AIM>>>>>>>>> solution, and it=E2=80=99s worked great, with only a minor tweak>>>>>>>>> or two required.>>>>>>>>>=20>>>>>>>>> Yesterday, Authorize.net [2] began requiring connections>>>>>>>>> via the TLS 1.2 protocol, and my script broke. I.e., it>>>>>>>>> can no longer connect to the endpoint.>>>>>>>>>=20>>>>>>>>> (I'd mistakenly assumed all I needed to do was make sure>>>>>>>>> my server supported TLS 1.2, duh.)>>>>>>>>>=20>>>>>>>>> Can anyone tell me how to make sure my script forces a>>>>>>>>> connection via TLS 1.2?>>>>>>>>>=20>>>>>>>>> I was hoping all I=E2=80=99d need is a tweak to this line...>>>>>>>>>=20>>>>>>>>> [text show=3DF]response=3D[tcpconnect>>>>>>>>> host=3Dsecure2.authorize.net [3]&port=3D443&ssl=3DT]>>>>>>>>>=20>>>>>>>>> ...but simply using =E2=80=9Cssl=3DF=E2=80=9D didn=E2=80=99t work,= ha.>>>>>>>>>=20>>>>>>>>> Here=E2=80=99s my main connect code:>>>>>>>>>=20>>>>>>>>> --->>>>>>>>>=20>>>>>>>>> [text show=3DF]response=3D[tcpconnect>>>>>>>>> host=3Dsecure2.authorize.net [4]&port=3D443&ssl=3DT][!]>>>>>>>>>=20>>>>>>>>> [/!][tcpsend]POST /gateway/transact.dll HTTP/1.0[crlf][!]>>>>>>>>>=20>>>>>>>>> [/!]User-Agent: e3IP[crlf][!]>>>>>>>>>=20>>>>>>>>> [/!]Host: secure2.authorize.net:443 [5][crlf][!]>>>>>>>>>=20>>>>>>>>> [/!]Content-type:>>>>>>>>> application/x-www-form-urlencoded[crlf][!]>>>>>>>>>=20>>>>>>>>> [/!]Content-length:>>>>>>>>> [countchars][content][/countchars][crlf][!]>>>>>>>>>=20>>>>>>>>> [/!][crlf][!]>>>>>>>>>=20>>>>>>>>> [/!][content][crlf][!]>>>>>>>>>=20>>>>>>>>> [/!][/tcpsend][/tcpconnect][/text]>>>>>>>>>=20>>>>>>>>> --->>>>>>>>>=20>>>>>>>>> Thanks so much in advance for any help you can offer.>>>>>>>>>=20>>>>>>>>> Brian>>>>>>>>>=20>>>>>>>>> --->>>>>>>>> Brian Willson>>>>>>>>> www.3ip.com [6]>>>>>>>>>=20>>>>>>>>> --------------------------------------------------------->>>>>>>>> This message is sent to you because you are subscribed to>>>>>>>>> the mailing list talk@webdna.us [7] To unsubscribe, E-mail>>>>>>>>> to: talk-leave@webdna.us [8] archives:>>>>>>>>> http://www.webdna.us/page.dna?numero=3D55 [9] Bug Reporting:>>>>>>>>> support@webdna.us [10]>>>>>>>> --------------------------------------------------------->>>>>>>> This message is sent to you because you are subscribed to>>>>>>>> the mailing list talk@webdna.us [14] To unsubscribe, E-mail>>>>>>>> to: talk-leave@webdna.us [15] archives:>>>>>>>> http://www.webdna.us/page.dna?numero=3D55 [16] Bug Reporting:>>>>>>>> support@webdna.us [17]>>>>>>>=20>>>>>>> --------------------------------------------------------->>>>>>> This message is sent to you because you are subscribed to the>>>>>>> mailing list talk@webdna.us [19] To unsubscribe, E-mail to:>>>>>>> talk-leave@webdna.us [20] archives:>>>>>>> http://www.webdna.us/page.dna?numero=3D55 [21] Bug Reporting:>>>>>>> support@webdna.us [22]>>>>>> --------------------------------------------------------- This>>>>>> message is sent to you because you are subscribed to the mailing>>>>>> list talk@webdna.us [25] To unsubscribe, E-mail to:>>>>>> talk-leave@webdna.us [26] archives:>>>>>> http://www.webdna.us/page.dna?numero=3D55 [27] Bug Reporting:>>>>>> support@webdna.us [28]>>>>>=20>>>>> -->>>>> Jym Duane - CTO - Purpose Media>>>>> Creating Your Success Story>>>>> Marketing : Television - Internet -Print>>>>> Phone: (877) 443-1323>>>>> Email: jym@purposemedia.com>>>>> Web: www.purposemedia.com>>>>>=20>>>>> Oregon - www.GuideToOregon.com>>>>> PO Box 1725, Jacksonville, OR 97530>>>>>=20>>>>> California - www.OrangeCounty.net>>>>> PO Box 2025, Capistrano Beach, CA 92624>>>>> --------------------------------------------------------- This>>>>> message is sent to you because you are subscribed to the mailing>>>>> list talk@webdna.us [29] To unsubscribe, E-mail to:>>>>> talk-leave@webdna.us [30] archives:>>>>> http://www.webdna.us/page.dna?numero=3D55 [31] Bug Reporting:>>>>> support@webdna.us [32]>>>> --------------------------------------------------------- This>>>> message is sent to you because you are subscribed to the mailing>>>> list talk@webdna.us [37] To unsubscribe, E-mail to:>>>> talk-leave@webdna.us [38] archives:>>>> http://www.webdna.us/page.dna?numero=3D55 [39] Bug Reporting:>>>> support@webdna.us [40]>>>=20>>> --------------------------------------------------------- This>>> message is sent to you because you are subscribed to the mailing list>>> talk@webdna.us To unsubscribe, E-mail to: talk-leave@webdna.us>>> archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting:>>> support@webdna.us>>>=20>>> Links:>>> ------>>> [1] http://authorize.net/>>> [2] http://authorize.net/>>> [3] http://secure2.authorize.net/>>> [4] http://secure2.authorize.net/>>> [5] http://secure2.authorize.net:443/>>> [6] http://www.3ip.com/>>> [7] mailto:talk@webdna.us>>> [8] mailto:talk-leave@webdna.us>>> [9] http://www.webdna.us/page.dna?numero=3D55>>> [10] mailto:support@webdna.us>>> [11] mailto:bob.minor@cybermill.com>>> [12] http://cybermill.com/>>> [13] mailto:willson@3ip.com>>> [14] mailto:talk@webdna.us>>> [15] mailto:talk-leave@webdna.us>>> [16] http://www.webdna.us/page.dna?numero=3D55>>> [17] mailto:support@webdna.us>>> [18] http://www.3ip.com/>>> [19] mailto:talk@webdna.us>>> [20] mailto:talk-leave@webdna.us>>> [21] http://www.webdna.us/page.dna?numero=3D55>>> [22] mailto:support@webdna.us>>> [23] http://cybermill.com/>>> [24] mailto:willson@3ip.com>>> [25] mailto:talk@webdna.us>>> [26] mailto:talk-leave@webdna.us>>> [27] http://www.webdna.us/page.dna?numero=3D55>>> [28] mailto:support@webdna.us>>> [29] mailto:talk@webdna.us>>> [30] mailto:talk-leave@webdna.us>>> [31] http://www.webdna.us/page.dna?numero=3D55>>> [32] mailto:support@webdna.us>>> [33] mailto:bob.minor@cybermill.com>>> [34] http://mynewserver.com/authnetpost.tpl>>> [35] http://cybermill.com/>>> [36] mailto:jym@purposemedia.com>>> [37] mailto:talk@webdna.us>>> [38] mailto:talk-leave@webdna.us>>> [39] http://www.webdna.us/page.dna?numero=3D55>>> [40] mailto:support@webdna.us>>> [41] http://www.3ip.com>>=20>> --------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list talk@webdna.us>> To unsubscribe, E-mail to: talk-leave@webdna.us>> archives: http://www.webdna.us/page.dna?numero=3D55>> Bug Reporting: support@webdna.us>=20> --------------------------------------------------------- This message is s=ent to you because you are subscribed to the mailing list talk@webdna.us To u=nsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/p=age.dna?numero=3D55 Bug Reporting: support@webdna.us--Apple-Mail-E506D07D-2A00-4C97-82DC-F3AC4F1AB00AContent-Type: text/html;charset=utf-8Content-Transfer-Encoding: quoted-printableI never found a work around and this was to= easy to use while I cross code to my Linux server. I can host this lane for= others to use if you want. Get in touch with me by phone all you have to do= is send the code the right way and I=E2=80=99ll approve your submissions
Robert Minor
314-962-4024 ext 500
Hi, Donovan.
If you manage to come up with someth=ing that=E2=80=99ll work with outgoing connections on my current server, I=E2==80=99d be internally grateful.
Thanks so much.
Brian
=---
Hi Brian,
Bob is offering a work-ar=ound.. but I would think you could disable old versions of TLS on your serve=r too.
I have to look into this as well... in f=act, everyone who is using Authnet should look into this if they haven't alr=eady.
I'll try to get some time tonight to look= at it.
Donovan
On 2018-03-01 10:2=9, Brian Willson wrote:
I= didn=E2=80=99t fully read this, I guess...
So n=o version of Mac OS X server can force outgoing TLS 1.2
connec=tions? Assuming so, I WILL need a new server to handle this, I
guess.
Thanks.
Br=ian
---
Brian Willson
www.3ip.com [41]
On M=ar 1, 2018, at 9:37 AM, Bob Minor <bob.minor@cybermill.com [33]>
wrote:
No the older protocols cannot be completed turned off. Apple=s
she=E2=80=99ll script uses the older connection.
All you need to do i
Change t=he tcpconnect to your new servers page
http://mynewserver.com/authnetpost.=tpl [34]
Create the page on the new server a=uthnetpost.tpl
On that page read the posted var=iables and resend them using the
newer servers tcp connect whi=ch is already updated. This is the same
exact code as you have= on your old server. Only with the read
variables.
When I get to my server I will send you the PHP to do this=, but you
can do it with WebDNA
R=obert Minor
Cybermill.com= [35]
314-962-4024 ext 500
On Mar= 1, 2018, at 08:28, Jym Duane <jy=m@purposemedia.com [36]>
wrote:
Robert
I am in the process (expense) of moving a site to an updated
server, in order to have TLS1.2 to do the tcp connect.
this sounds like after i do that i wont be able to still? is that<=br class=3D"">due to webdna?
will be updated to= latest centos and Apache to support the TLS1.2
have not got completely there yet to try it.
P=lease send script as a workaround either while transitioning or
after if needed would be greatly appreciated.
PS- i think older protocols can be tuned off on the server?
J=ym
On 3/1/2018 6:12 AM, Bob Minor wrote:
No not at all. I= can send you the php script or you can do the
same thing with= webdna on a newer server
All I really do is re=ad the post variables and resend them to
authnet as another tc=pconnect so to speak. But this would be
running on an updated s=erver.
Robert Minor
Cybermill.com [23]
314-962-4024 ext 50=0
On Mar 1, 2018, at 07:52, Brian Willson <<=a href=3D"mailto:willson@3ip.com">willson@3ip.com [24]>
wrote:
Yi=kes. Sounds complicated.
Is there no way to twe=ak the [tcpconnect] script to
accommodate TLS 1.2 and/or its c=iphers? If not, that would
prove a major setback here.
Brian
---
B=rian Willson
www=..3ip.com [18]
On Mar 1, 2018, at 7:42 AM, Bob Minor
<bob.minor@cybermill.com [11]> wrote:
I got around it by running my own Linux server t=hat does the
php call to authnet and dumps the data just as th=e gateway
did. kinda like a gateway for my gateway.
Robert Minor
Cybermill.com [12]
314-962-4024 ext 500
On Mar 1, 2018, at 06:34, Brian Willson <willson@3ip.com
[13]> wrote:
Hey, everybody.
For years I=E2=80=99ve been using [tcpconnect] to co=nnect my
online shopping carts with Authorize.net [1]=E2=80=99s AIM
solution, and it=E2==80=99s worked great, with only a minor tweak
or two required.=
Yesterday, Au=thorize.net [2] began requiring connections
via the TLS 1.=2 protocol, and my script broke. I.e., it
can no longer connec=t to the endpoint.
(I'd mistakenly assumed all I= needed to do was make sure
my server supported TLS 1.2, duh.)=
Can anyone tell me how to make sure my script f=orces a
connection via TLS 1.2?
I= was hoping all I=E2=80=99d need is a tweak to this line...
[text show=3DF]response=3D[tcpconnect
host=3Dsecure2.authorize.net [3]&port=3D=443&ssl=3DT]
...but simply using =E2=80=9Cs=sl=3DF=E2=80=9D didn=E2=80=99t work, ha.
Here=E2==80=99s my main connect code:
---
[text show=3DF]response=3D[tcpconnect
host=3D<=a href=3D"http://secure2.authorize.net">secure2.authorize.net [4]&po=rt=3D443&ssl=3DT][!]
[/!][tcpsend]POST /gat=eway/transact.dll HTTP/1.0[crlf][!]
[/!]User-Ag=ent: e3IP[crlf][!]
[/!]Host: secure2.authorize.net:443 [5][crlf][!]
[/!]Content-type:
application/x-www-for=m-urlencoded[crlf][!]
[/!]Content-length:
[countchars][content][/countchars][crlf][!]
[/!][crlf][!]
[/!][content][crlf][!]
[/!][/tcpsend][/tcpconnect][/text]
---
Thanks so much in advance for a=ny help you can offer.
Brian
---
Brian Willson
www.3ip.com [6]
----------------=-----------------------------------------
This message is sent= to you because you are subscribed to
the mailing list talk@webdna.us [7] To unsubscribe, E-mail
to: talk-leave@webdna.us=a> [8] archives:
http://www.webdna.us/page.dna?numero=3D55 [9] Bug Reporting:
support@webdna.us [10]<=br class=3D"">
-------------------------------------------------=--------
This message is sent to you because you are subscribe=d to
the mailing list talk@w=ebdna.us [14] To unsubscribe, E-mail
to: talk-leave@webdna.us [15] archives:
http://www.webdna.us/=page.dna?numero=3D55 [16] Bug Reporting:
support@webdna.us [17]
---------------------------------------------------------
This message is sent to you because you are subscribed to the
mailing list talk@webdna.us [=19] To unsubscribe, E-mail to:
talk-leave@webdna.us [20] archives:
http://www.webdna.us/page.dna?numer=o=3D55 [21] Bug Reporting:
support@webdna.us [22]
----------------=----------------------------------------- This
message is sent= to you because you are subscribed to the mailing
list talk@webdna.us [25] To unsubscribe, E-mail to=:
talk-leave@webdna.us= [26] archives:
http://www.webdna.us/page.dna?numero=3D55 [27] Bug Reporting=:
support@webdna.us [=28]
--
Jym Duane - C=TO - Purpose Media
Creating Your Success Story
M=arketing : Television - Internet -Print
Phone: (877) 443-1323<=br class=3D"">Email: jym@purposemedi=a.com
Web: www.pur=posemedia.com
Oregon - www.GuideToOregon.com
PO Box 1725, Ja=cksonville, OR 97530
California - www.OrangeCounty.net
PO Box 202=5, Capistrano Beach, CA 92624
--------------------------------=------------------------- This
message is sent to you because y=ou are subscribed to the mailing
list talk@webdna.us [29] To unsubscribe, E-mail to:
<=a href=3D"mailto:talk-leave@webdna.us">talk-leave@webdna.us [30] archive=s:
http:=//www.webdna.us/page.dna?numero=3D55 [31] Bug Reporting:
<=a href=3D"mailto:support@webdna.us">support@webdna.us [32]
--------------------------------------------------------- This=
message is sent to you because you are subscribed to the mail=ing
list talk@webdna.us [=37] To unsubscribe, E-mail to:
talk-leave@webdna.us [38] archives:
http://www.webdna.us/page.dna?numer=o=3D55 [39] Bug Reporting:
support@webdna.us [40]
-=-------------------------------------------------------- This
=message is sent to you because you are subscribed to the mailing list
talk@webdna.us To unsubscribe,= E-mail to: talk-leave@webdna.us=
archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting:
support@webdna.us
<=br class=3D"">Links:
------
[1] http://authorize.net/
[2] http://authorize.net/
[3] http://secure2.authorize.net/
[4] http://secure2.authorize.net=/
[5] http:/=/secure2.authorize.net:443/
[6] http://www.3ip.com/
[7] mailto:talk@webdna.us
[8] mailto:talk-leave@webdna.us
[9] http://www.webdna.us/page.dna?nume=ro=3D55
[10] mailto:s=upport@webdna.us
[11] mailto:bob.minor@cybermill.com
[12] http://cybermill.com/
[13] mailto:willson@3ip.com
[14] mailto:talk@webdna.us
[15] mailto:talk-leave@webdna.us
[16] http://www.=webdna.us/page.dna?numero=3D55
[17] mailto:support@webdna.us
[18] http://www.3ip.com/
[19] mailto:talk@webdna.us
[20] mailto:talk-leave@webdna.us
[=21] http://www.webdna.=us/page.dna?numero=3D55
[22] mailto:support@webdna.us
[23] http://cybermill.com/
[24] mailto:willson@3ip.com
[25] mailto:talk@webdna.us
[26] mailto:talk-leave@webdna.us
=[27] http://www.webdna=..us/page.dna?numero=3D55
[28] mailto:support@webdna.us
[29] mailto:talk@webdna.us
[30] mailto:talk-leave@webdna.us
[31] <=a href=3D"http://www.webdna.us/page.dna?numero=3D55">http://www.webdna.us/pa=ge.dna?numero=3D55
[32] mailto:support@webdna.us
[33] mailto:bob.minor@cybermill.com
[34] http://mynewserver.com/authne=tpost.tpl
[35] http://cy=bermill.com/
[36] =mailto:jym@purposemedia.com
[37] mailto:talk@webdna.us
[38] mailto:talk-leave@webdna.us
[39] http://www.webdna.us/page.dna=?numero=3D55
[40] mai=lto:support@webdna.us
[41] =http://www.3ip.com
-----------=----------------------------------------------
This message is= sent to you because you are subscribed to
the mailing list talk@webdna.us
To unsubscr=ibe, E-mail to: talk-leave@webdna.us=
archives: http://www.webdna.us/page.dna?numero=3D55
Bug Repor=ting: support@webdna.us
---------------------------------------------------------This message is sent to you because you are subscribed tothe mailing list