UPS Module Seems to be updated few days ago. Update notes go:
After updating, I still am not getting shipping estimates :dontgetitCode:Updated for improved compatibility with PHP 7.2
Printable View
UPS Module Seems to be updated few days ago. Update notes go:
After updating, I still am not getting shipping estimates :dontgetitCode:Updated for improved compatibility with PHP 7.2
After communicating with my hosting, I got this reply, which I think was very insightful:
Quote:
Upon review of your Zen Cart thread as well as your site, it appears that there might be a problem with how UPS is interpreting your SSL certificate. When we went to visit your site, we noticed that it was pulling up as http as opposed to https. Since the site was not forcing the use of https on port 80, we believe that UPS was accessing your site with a different port and not seeing that there is an encryption layer.
We went through and forced the use of https on your site so that all traffic is connecting via port 80. Since your SSL certificate is not calling on the use of TLS v1, your site is not using this TLS version so UPS shouldn't be able to connect this way at all. Though it is still enabled on your server itself, it is not a default and would have to be hard coded in to call upon this TLS version.
While I'm not exactly impressed by the response, I would say that if the site has been forced to be all https by any arrival path, then the includes/configure.php and admin/includes/configure.php files should be updated to reflect the full site as https:. This is covered in this FAQ: https://www.zen-cart.com/content.php...alled-zen-cart
It entails modifying the constant HTTP_SERVER so that it begins with https: and to also ensure that any constant such as SSL_ENABLE has true between the single quotes such as:
Note that the includes/configure.php may have its permissions set to 0444 which would prevent saving the change(s). It may not fix this issue, but it is something that needs to be done for the way the site is currently set up.Code:define('SSL_ENABLE', 'true');
Currently, my includes/configure.php
I should make the HTTP_SERVER to be 'https'? So it would be as this:Code:define('HTTP_SERVER', 'http://www.*********.com');
define('HTTPS_SERVER', 'https://www.*********.com');
define('ENABLE_SSL', 'true');
Code:define('HTTP_SERVER', 'https://www.*********.com');
define('HTTPS_SERVER', 'https://www.*********.com');
define('ENABLE_SSL', 'true');
Yes and then in admin version: HTTP_CATALOG_SERVER should have the same change.Quote:
Originally Posted by sle39lvr
Like said, may not resolve the UPS issue, but is a start in the right direction for overall setup considering your host has made the changes that they have.
Go to admin->version and post your cURL version (the text next to it says "cURL information"). I have seen sites get into trouble because of old cURL versions.
Quote:
Originally Posted by swguy
Code:cURL support enabled
cURL Information 7.19.7
That's your problem. This is a 10 year old version that's no longer secure (it uses an old version of OpenSSL).
The trouble is, you won't be able to convince your hoster of this. You'll need to go to a new hoster that stays more up to date (or move to a VPS account where you can update your own software).
What version should the cURL be?
7.63.0 is current
https://curl.haxx.se/docs/releases.html
Your version is 10 years old. Lots of vulnerabilities.