Can't access processor gateway after server migration.

[JacobsCHAOS]

Zen Cart: v1.5.4
Module: FirstData/Linkpoint/YourPay API
OS: Amazon Linux 64bit

I move the site from one server to another. I was using v1.5.4 before the move, and I installed a fresh copy on the new server. I then exported and imported the database, and downloaded and uploaded the includes folder.

I don't know if the previous server was 32bit or 64bit, but the new server is 64bit. I have tried it with the old SSL certificates and with new ones. My original and new certificates were issued from Comodo.

When a user tries to process a transaction on my webstite: https://www.AKCertification.org, they get an error message that reads, "We apologize for the inconvenience, but we are presently unable to contact the Credit Card company for authorization. Please contact the Store Owner for payment alternatives." I have been and still am using the same PEM file. I downloaded it again from FirstData, and it is identical to the old one.

When I run the /extras/curltester.php?details=on I get an error, which I believe is the issue. I'm just not sure what the issue is. The error is:
Connecting to LinkPointAPI server (port 1129)...

Error 56: NSS: client certificate not found (nickname not specified)

Connection Details:
Array
(
[url] => "https://secure.linkpt.net/LSGSXML"
[content_type] =>
[http_code] => 0
[header_size] => 2
[request_size] => 213
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.349252
[namelookup_time] => 0.060591
[connect_time] => 0.105362
[pretransfer_time] => 0.290279
[size_upload] => 37
[size_download] => 278
[speed_download] => 795
[speed_upload] => 105
[download_content_length] => -1
[upload_content_length] => 37
[starttransfer_time] => 0.349244
[redirect_time] => 0
[redirect_url] =>
[primary_ip] => 208.72.248.102
[certinfo] => Array
(
)

[primary_port] => 1129
[local_ip] => 172.31.28.95
[local_port] => 48726
)

Any direction in trouble shooting this and getting payments working again will be appreciated.

[DrByte]

Error 56: NSS: client certificate not found (nickname not specified)

Googling that error brings up a few things about how CURL is compiled on the server. Maybe the new server you're on might need some tweaks with how the administrator installed CURL?

[JacobsCHAOS]

All of the curl test I've run including all but the last one in curltester.php work. I made sure port 1129 is open of incoming and out going traffic even though it should only need to be open for out going. Do you have any specific thoughts on things to check or tweak? Thanks.

[kobra]

Error 56: NSS: client certificate not found (nickname not specified)

Do you have a valid SSL certificate installed?

[JacobsCHAOS]

Yes, I first tried using the same one I had been using before the migration. Then I had Comodo make a brand new set of files for me. I also redownloaded the pem file from FirstData.

I'm currently wondering if Zen Cart or the linkpoint_api store the path to the pem file some where. Perhaps I transfered the location from the old install unwittingly when I transfered my theme and data.

[JacobsCHAOS]

Another thought. I am using virtual hosts. I don't think this should make a difference, but maybe. Just in case. I'm throwing it out there.

[terraGirl]

Have you tried increasing time out limits in case the connection is timing out before it completes?

[DrByte]

Yes, I first tried using the same one I had been using before the migration. Then I had Comodo make a brand new set of files for me. I also redownloaded the pem file from FirstData.

I'm currently wondering if Zen Cart or the linkpoint_api store the path to the pem file some where. Perhaps I transfered the location from the old install unwittingly when I transfered my theme and data.

1. The curltester script doesn't use your PEM file at all. It's only testing whether CURL can reach the destination server. It doesn't do any credential verification, because it's designed to be a standalone tool for testing CURL generally, not specifically.
So, curltester is merely telling you that your server's CURL configuration is peculiar ... insomuch as yours is the first I've ever seen report that particular error message in 10+ years.

A better test, using your PEM file contents, is trying an actual payment in your store.

2. Yes, the name of your PEM file is stored in your Zen Cart database: In your linkpoint_api settings in your Admin you provide the numeric identifier that also matches the filename. And then you manually put the file into the /includes/modules/payment/linkpoint_api/ folder using FTP. Zen Cart uses that number to determine which filename to retrieve from that specific folder.
All the necessary setup is outlined here: https://www.zen-cart.com/content.php...payment-module

[JacobsCHAOS]

Ok, I just did a clean install, and the last test in the curltester.php still fails. So, it is something in the way the new server is configured. When visiting a site via a browser, it identifies the security certificate correctly. Is it possible the curl is grabbing my servers default certificate instead of grabbing the one configured in Apache?

[JacobsCHAOS]

1. The curltester script doesn't use your PEM file at all. It's only testing whether CURL can reach the destination server. It doesn't do any credential verification, because it's designed to be a standalone tool for testing CURL generally, not specifically.
So, curltester is merely telling you that your server's CURL configuration is peculiar ... insomuch as yours is the first I've ever seen report that particular error message in 10+ years.

A better test, using your PEM file contents, is trying an actual payment in your store.

2. Yes, the name of your PEM file is stored in your Zen Cart database: In your linkpoint_api settings in your Admin you provide the numeric identifier that also matches the filename. And then you manually put the file into the /includes/modules/payment/linkpoint_api/ folder using FTP. Zen Cart uses that number to determine which filename to retrieve from that specific folder.
All the necessary setup is outlined here: https://www.zen-cart.com/content.php...payment-module

Thank you DrByte, I assumed the curltester.php was using the PEM file.

I know the storenumber (first part of the name of the PEM file) is stored in the database, I was wondering about the path. However, with my latest test it is definitely some sort of configuration issue. As stated in my original post, CC transactions do not go though. I'm trying to find tests to figure out why. The store had been running flawlessly for years, but something on this new server I just moved it to is causing problems, and I'm having trouble sorting out what. Thank you again for assistance and ideas. I really do appreciate it.