Page 1 of 2 12 LastLast
Results 1 to 10 of 16
  1. #1
    Join Date
    Nov 2014
    Location
    美國
    Posts
    8
    Plugin Contributions
    0

    Default (28) Operation timed out - trying to fix SSLV3 issue

    it appears after comment out all CURLOPT_SSLVERSION => 3 sentence when trying to fix SSLV3 issue, i then tried to change CURLOPT_SSLVERSION => 1,4,6 issue still exist.

    condition when set as CURLOPT_SSLVERSION => 3
    Click image for larger version. 

Name:	PastedGraphic-6-1.png 
Views:	140 
Size:	29.4 KB 
ID:	14710

    condition wehn set as CURLOPT_SSLVERSION => 1,4,6
    Click image for larger version. 

Name:	PastedGraphic-5.png 
Views:	140 
Size:	27.9 KB 
ID:	14711

    Please help!!

  2. #2
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: (28) Operation timed out - trying to fix SSLV3 issue

    Error 28 means that your server couldn't reach the payment server. In your case it means your server isn't getting a response from the paypal server.

    Possible causes:
    a) maybe you changed more than just the CURLOPT line when editing the file
    b) if you have your paypal module configured to work with the Sandbox, change it to use the Live/Production server instead. Sometimes the PayPal sandbox server operates differently from the real production server. And the sandbox should only be used for 2 minutes to test communications. After that you should be using Live mode else your store won't actually collect money from customers.
    c) perhaps your webserver is seriously outdated and doesn't know how to communicate over TLS. In that case if the only way it knows is SSL3 then it won't be able to talk to PayPal because PayPal has turned off SSLv3 support.
    d) perhaps your webserver is using an obsolete version of PHP which doesn't know how to communicate securely without ssl3.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #3
    Join Date
    Nov 2014
    Location
    美國
    Posts
    8
    Plugin Contributions
    0

    red flag Re: (28) Operation timed out - trying to fix SSLV3 issue

    Quote Originally Posted by DrByte View Post
    Error 28 means that your server couldn't reach the payment server. In your case it means your server isn't getting a response from the paypal server.

    Possible causes:
    a) maybe you changed more than just the CURLOPT line when editing the file
    b) if you have your paypal module configured to work with the Sandbox, change it to use the Live/Production server instead. Sometimes the PayPal sandbox server operates differently from the real production server. And the sandbox should only be used for 2 minutes to test communications. After that you should be using Live mode else your store won't actually collect money from customers.
    c) perhaps your webserver is seriously outdated and doesn't know how to communicate over TLS. In that case if the only way it knows is SSL3 then it won't be able to talk to PayPal because PayPal has turned off SSLv3 support.
    d) perhaps your webserver is using an obsolete version of PHP which doesn't know how to communicate securely without ssl3.
    Really appreciated your help DrByte,

    i double checked all of my step according to your advice,

    a)

    i followed your instruction of below article, use developer tool kit search keyword "CURLOPT_SSLVERSION" to locate the file need to be revise.
    http://www.zen-cart.com/showthread.p...yment-security

    instead of 5files, i can only locate 3 files contain "CURLOPT_SSLVERSION", please refer to below picture
    Click image for larger version. 

Name:	PastedGraphic-2.jpg 
Views:	73 
Size:	26.2 KB 
ID:	14712
    paypal_curl.php
    class.linkpoint_api.php
    authorizenet_echeck.php

    i commented all out just followed your instruction. but after doing this, i encountered CURL time out issue.

    b) the sandbox should be correctly deployed, i used the same setting(API key, user name) for another shopping cart program running on same server, it works perfectly.


    c) i have also created a tick inquiry to host(lunarpages)

    Question:
    i am fixing the SSL V3.0 on zencart with using paypal's sandbox account, when i use paypal's sandbox account to check out i encountered CURL timeouts, paypal guy said this is host's server configuration problem, i see you server SSL version is openssl/0.9.8b, does it support TLSv1.2?

    Lunarpages's Answer : Our servers do indeed support TLSv1.2.


    is there anything i can do to fix this issue?

  4. #4
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: (28) Operation timed out - trying to fix SSLV3 issue

    If you are indeed using v1.3.9g (which by the way was released in 2010 ... it is now 2014, so you're missing out on 4 years' worth of bugfixes and software improvements), then replacing your paypal_curl.php file with the attached file will suffice. This of course cannot account for any other ways in which you've altered your site's code vs original Zen Cart files.

    I'd really like you to test against the live PayPal site, since the PayPal Sandbox is often in an experimental state, and does not reflect how the software will work in a real live environment. You don't even have to complete a payment ... just start an Express Checkout transaction so that it takes you to the PayPal login screen. That will test the communications adequately. But you must use Live API credentials, not Sandbox API credentials.
    Attached Files Attached Files
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #5
    Join Date
    Nov 2014
    Location
    美國
    Posts
    8
    Plugin Contributions
    0

    Default Re: (28) Operation timed out - trying to fix SSLV3 issue

    Quote Originally Posted by DrByte View Post
    If you are indeed using v1.3.9g (which by the way was released in 2010 ... it is now 2014, so you're missing out on 4 years' worth of bugfixes and software improvements), then replacing your paypal_curl.php file with the attached file will suffice. This of course cannot account for any other ways in which you've altered your site's code vs original Zen Cart files.

    I'd really like you to test against the live PayPal site, since the PayPal Sandbox is often in an experimental state, and does not reflect how the software will work in a real live environment. You don't even have to complete a payment ... just start an Express Checkout transaction so that it takes you to the PayPal login screen. That will test the communications adequately. But you must use Live API credentials, not Sandbox API credentials.
    Really appreciated that, i am sorry, actually i am currently using v1.3.9h, my website works fine with paypal express checkout(live) before and after applying your file, but not in sandbox environment(both), paypal called me 2days before and told me that the express checkout i am using will be affected by SSLV3 termination, that's why i make change of the codes just according to your advice.

    Thanks greatly for your easy understand wordings,i am not professional developers, just a small merchant, we can't afford frequent website update, the study cost would be too high for me.

  6. #6
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: (28) Operation timed out - trying to fix SSLV3 issue

    Quote Originally Posted by christine sritao View Post
    my website works fine with paypal express checkout(live) before and after applying your file, but not in sandbox environment(both)
    Most likely that's because your hosting company has the sandbox site IP addresses blocked in their firewall.
    Your hosting company will need to allow access to the sandbox IP addresses, as per: https://ppmts.custhelp.com/app/answers/detail/a_id/92
    Zen Cart uses the following PayPal hosts, so all of their IP addresses need to be allowed:
    www.paypal.com
    www.sandbox.paypal.com
    api-3t.paypal.com
    api-3t.sandbox.paypal.com
    payflowpro.paypal.com
    pilot-payflowpro.paypal.com
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  7. #7
    Join Date
    Nov 2014
    Location
    美國
    Posts
    8
    Plugin Contributions
    0

    Default Re: (28) Operation timed out - trying to fix SSLV3 issue

    Quote Originally Posted by DrByte View Post
    Most likely that's because your hosting company has the sandbox site IP addresses blocked in their firewall.
    Your hosting company will need to allow access to the sandbox IP addresses, as per: https://ppmts.custhelp.com/app/answers/detail/a_id/92
    Zen Cart uses the following PayPal hosts, so all of their IP addresses need to be allowed:
    www.paypal.com
    www.sandbox.paypal.com
    api-3t.paypal.com
    api-3t.sandbox.paypal.com
    payflowpro.paypal.com
    pilot-payflowpro.paypal.com
    DrByte,

    i've just got the reply from lunarpages, they said"have checked and do not see that any of those IP Addresses are being blocked on the BALLAST server firewall"

    but the time out problem still exist, even i installed a new clean zencart 1.3.9h after comment out all CURLOPT_SSLVERSION, is there any possibility that caused this issue? the paypal payment module?

  8. #8
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: (28) Operation timed out - trying to fix SSLV3 issue

    What's the URL to your website?
    What's the URL to your curl test script as described here? http://www.zen-cart.com/showthread.p...187#post434187
    What do you get as a response when you ask it to test paypal, as described in that post?
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  9. #9
    Join Date
    Nov 2014
    Location
    美國
    Posts
    8
    Plugin Contributions
    0

    Default Re: (28) Operation timed out - trying to fix SSLV3 issue

    Quote Originally Posted by DrByte View Post
    What's the URL to your website?
    What's the URL to your curl test script as described here? http://www.zen-cart.com/showthread.p...187#post434187
    What do you get as a response when you ask it to test paypal, as described in that post?
    DrByte,

    the test passed, i think, it's because paypal still allow SSLV3 channel, right? but they are going to terminate on 4 December2014

    the test result:

    COMMUNICATIONS TEST OKAY.
    You may see error information below, but that information simply confirms that the server actually responded, which means communications is open.
    Array
    (
    [url] => "https://api-3t.paypal.com/nvp"
    [content_type] => text/plain; charset=utf-8
    [http_code] => 200
    [header_size] => 153
    [request_size] => 204
    [filetime] => -1
    [ssl_verify_result] => 0
    [redirect_count] => 0
    [total_time] => 0.404822
    [namelookup_time] => 0.09915
    [connect_time] => 0.140942
    [pretransfer_time] => 0.284499
    [size_upload] => 37
    [size_download] => 146
    [speed_download] => 360
    [speed_upload] => 91
    [download_content_length] => 146
    [upload_content_length] => 37
    [starttransfer_time] => 0.404745
    [redirect_time] => 0
    [certinfo] => Array
    (
    )

    [redirect_url] =>
    )

  10. #10
    Join Date
    Nov 2014
    Location
    美國
    Posts
    8
    Plugin Contributions
    0

    Default Re: (28) Operation timed out - trying to fix SSLV3 issue

    Quote Originally Posted by DrByte View Post
    What's the URL to your website?
    What's the URL to your curl test script as described here? http://www.zen-cart.com/showthread.p...187#post434187
    What do you get as a response when you ask it to test paypal, as described in that post?
    DrByte,

    Really appreciated you keep looking at this issue and support so far

    the test passed, both live and sandbox mode, but is it simple that paypal still support SSLV3 at this moment, would it fail after 4 Decmeber?

    the test result:

    COMMUNICATIONS TEST OKAY.
    You may see error information below, but that information simply confirms that the server actually responded, which means communications is open.
    Array
    (
    [url] => "https://api-3t.paypal.com/nvp"
    [content_type] => text/plain; charset=utf-8
    [http_code] => 200
    [header_size] => 153
    [request_size] => 204
    [filetime] => -1
    [ssl_verify_result] => 0
    [redirect_count] => 0
    [total_time] => 0.404822
    [namelookup_time] => 0.09915
    [connect_time] => 0.140942
    [pretransfer_time] => 0.284499
    [size_upload] => 37
    [size_download] => 146
    [speed_download] => 360
    [speed_upload] => 91
    [download_content_length] => 146
    [upload_content_length] => 37
    [starttransfer_time] => 0.404745
    [redirect_time] => 0
    [certinfo] => Array
    (
    )

    [redirect_url] =>
    )

 

 
Page 1 of 2 12 LastLast

Similar Threads

  1. v151 (28) Operation timed out after 60001 milliseconds with 0 bytes received
    By diptimoy in forum Built-in Shipping and Payment Modules
    Replies: 4
    Last Post: 14 Apr 2015, 11:51 PM
  2. (28) Operation timed out after 60000 milliseconds with 0 bytes received
    By edadk in forum PayPal Express Checkout support
    Replies: 4
    Last Post: 25 Aug 2010, 08:12 PM
  3. (28) Operation timed out with 0 out of -1 bytes received
    By Vladimir7 in forum PayPal Express Checkout support
    Replies: 3
    Last Post: 29 Oct 2008, 07:02 PM
  4. - (28) Operation timed out after 60000 milliseconds with 0 bytes received
    By stagebrace in forum PayPal Express Checkout support
    Replies: 1
    Last Post: 26 Aug 2008, 03:52 PM
  5. EC Error - (28) Operation timed out with 0 out of -1 bytes received
    By elcantodelospajaros in forum PayPal Express Checkout support
    Replies: 4
    Last Post: 7 Mar 2008, 12:51 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR