Geek Answers Handbook

PayPal: error while establishing SSL connection with remote server

The problem was originally discussed: PayPal Sandbox 500-PayPal Adaptive proxy error https://www.paypal-community.com/t5/About-Payments/Adaptive-payment-api-is-sending-Proxy-error/mp/1091510

It seems the problem is returned, I get

<!DOCHTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>500 Proxy Error</title> </head><body> <h1>Proxy Error</h1> The proxy server could not handle the request <em><a href="/AdaptiveAccounts/GetVerifiedStatus">POST&nbsp;/AdaptiveAccounts/GetVerifiedStatus</a></em>.<p> Reason: <strong>Error during SSL Handshake with remote server</strong></p><p /> </body></html>

With any request, without changing the code on my side. Does anyone have this problem?

To be more specific, I created a curl request that reproduces my problem:

 curl 'https://svcs.sandbox.paypal.com/AdaptiveAccounts/GetVerifiedStatus' -X POST -H 'X-PAYPAL-REQUEST-DATA-FORMAT: NV' -H 'X-PAYPAL-RESPONSE-DATA-FORMAT: NV' -H 'X-PAYPAL-DEVICE-IPADDRESS: 10.10.44.75' -H 'X-PAYPAL-REQUEST-SOURCE: adaptiveaccounts-php-sdk-3.10.2' -H 'User-Agent: PayPalSDK/adaptiveaccounts-php-sdk 3.10.2 (lang=PHP;v=7.0.9;bit=64;os=Linux_2.6.32-042stab103.6;machine=x86_64;openssl=1.0.1e-fips;curl=7.19.7)' -H 'X-PAYPAL-APPLICATION-ID: APP-XXXXXXXXXXXX' -H 'X-PAYPAL-SECURITY-USERID: ikhaldeev-facilitator_api1.dev.football.com' -H 'X-PAYPAL-SECURITY-PASSWORD: XXXXXXXXXXXX' -H'X-PAYPAL-SECURITY-SIGNATURE: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' -d 'accountIdentifier.emailAddress=paypalbiz%40example.com&matchCriteria=NAME&^CrstName=Test&lastName=Test' --tlsv1.2

For this query, the hot answer is:

 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>500 Proxy Error</title> </head><body> <h1>Proxy Error</h1> The proxy server could not handle the request <em><a href="/AdaptiveAccounts/GetVerifiedStatus">POST&nbsp;/AdaptiveAccounts/GetVerifiedStatus</a></em>.<p> Reason: <strong>Error during SSL Handshake with remote server</strong></p><p /> </body></html>

As you can see, I specified TLSv1.2 in the curl command, in addition, if I execute the same command from one of our servers that does not support TLSv1.2 (this server does not work with paypal), I get another error

 curl 'https://svcs.sandbox.paypal.com/AdaptiveAccounts/GetVerifiedStatus' -X POST -H 'X-PAYPAL-REQUEST-DATA-FORMAT: NV' -H 'X-PAYPAL-RESPONSE-DATA-FORMAT: NV' -H 'X-PAYPAL-DEVICE-IPADDRESS: 10.10.44.75' -H 'X-PAYPAL-REQUEST-SOURCE: adaptiveaccounts-php-sdk-3.10.2' -H 'User-Agent: PayPalSDK/adaptiveaccounts-php-sdk 3.10.2 (lang=PHP;v=7.0.9;bit=64;os=Linux_2.6.32-042stab103.6;machine=x86_64;openssl=1.0.1e-fips;curl=7.19.7)' -H 'X-PAYPAL-APPLICATION-ID: APP-XXXXXXXXXXXX' -H 'X-PAYPAL-SECURITY-USERID: ikhaldeev-facilitator_api1.dev.football.com' -H 'X-PAYPAL-SECURITY-PASSWORD: XXXXXXXXXXXX' -H'X-PAYPAL-SECURITY-SIGNATURE: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' -d 'accountIdentifier.emailAddress=paypalbiz%40example.com&matchCriteria=NAME&^CrstName=Test&lastName=Test'

Answer:

 curl: (35) SSL connect error

As you can see, this is another mistake. Of course I use the correct credentials, appId, etc.

+1
source share
1 answer

This error means that your server does not send an HTTP request through the TLS 1.2 protocol, which is required by PayPal in the Sandbox, and will be required on Live servers next year.

More information is available here . The most important thing,

If you want to use TLS 1.2, you need to at least upgrade to OpenSSL 1.0.1, and then you can set CURLOPT_SSLVERSION to 6 (TLS 1.2).

If you want TLS 1.2 to be automatically used during SSL requests, you will also need to upgrade to PHP 5.5.19+ (this is an ideal solution, but many projects are still on older versions of PHP).

This assumes you are using PHP of course. If not, then you just need to make sure that TLS 1.2 works with any software stack that you use.

+2
source

More articles:


All Articles