Site: American-savage.com
ZENCART version 1.5
Checkout: PayPal Express
Site worked fine in Sandbox

Greetings:
In live mode using PayPal Express the site gets the error message: "We are sorry for the inconvenience. The PayPal account authentication settings are not yet set up, or the API security information is incorrect. We are unable to complete your transaction. Please notify the store owner so they can correct this problem. (10002) 10002 Security error - Security header is not valid"



This is the source code in the browser. It is pointing at http: instead of https: (however the button is fine

<!-- ** BEGIN PAYPAL EXPRESS CHECKOUT ** --> <div id="PPECbutton" class="buttonRow"> <a href="http://www.american-savage.com/ipn_main_handler.php?type=ec"><img src="https://www.paypalobjects.com/en_US/i/btn/btn_xpressCheckout.gif" alt="Click here to pay via PayPal Express Checkout" /></a> </div> <!-- ** END PAYPAL EXPRESS CHECKOUT ** -->




I have checked my settings at PayPal 1000% (smile) and here are the error log (CURL) and PAYPal:

2012-04-29 04:44:19
-------------------
(live transaction) --> https://api-3t.paypal.com/nvp
Request Headers:
Array
(
[0] => Content-Type: text/namevalue
[1] => X-VPS-Timeout: 90
[2] => X-VPS-VIT-Client-Type: PHP/cURL
[3] => X-VPS-VIT-Integration-Product: PHP::Zen Cart(R) - PayPal/NVP
[4] => X-VPS-VIT-Integration-Version: 1.5.0
)


Request Parameters: {SetExpressCheckout}
Array
(
[AMT] => 19.95
[ITEMAMT] => 19.95
[L_NUMBER0] => CWEXR0002
[L_NAME0] => CWEXR0002 - Excavated Misc. Relics in 4x6 Riker Case [227]
[L_QTY0] => 1
[L_AMT0] => 19.95
[CURRENCYCODE] => USD
[LOCALECODE] => US
[ALLOWEDPAYMENTMETHOD] => InstantPaymentOnly
[GIFTMESSAGEENABLE] => 0
[GIFTRECEIPTEENABLE] => 0
[GIFTWRAPENABLE] => 0
[GIFTWRAPNAME] =>
[GIFTWRAPAMOUNT] => 0
[BUYEREMAILOPTINENABLE] => 0
[CUSTOMERSERVICENUMBER] =>
[BRANDNAME] => AMERICAN-SAVAGE.com
[PAYMENTACTION] => Sale
[ALLOWNOTE] => 1
[LANDINGPAGE] => Billing
[NOSHIPPING] => 0
[REQCONFIRMSHIPPING] => 1
[RETURNURL] => http://www.american-savage.com/ipn_m...er.php?type=ec
[CANCELURL] => http://www.american-savage.com/index...rt&ec_cancel=1
[PAGESTYLE] => Primary
[METHOD] => SetExpressCheckout
[USER] => ricandritasavage_api1.hotmail.com
[PWD] => ***************************************
[VERSION] => 61.0
[SIGNATURE] => ****************************************************UWKp
)


Response:
Array
(
[TIMESTAMP] => 2012-04-29T22:44:19Z
[CORRELATIONID] => 4a00c3298170d
[ACK] => Failure
[VERSION] => 61.0
[BUILD] => 2840849
[L_ERRORCODE0] => 10002
[L_SHORTMESSAGE0] => Security error
[L_LONGMESSAGE0] => Security header is not valid
[L_SEVERITYCODE0] => Error
[CURL_ERRORS] =>
)


SetExpressCheckout, Elapsed: 379ms -- Failure

TIMESTAMP=2012%2d04%2d29T22%3a44%3a19Z&CORRELATIONID=4a00c3298170d&ACK=Failure&V ERSION=61%2e0&BUILD=2840849&L_ERRORCODE0=10002&L_SHORTMESSAGE0=Security%20error& L_LONGMESSAGE0=Security%20header%20is%20not%20valid&L_SEVERITYCODE0=Error&CURL_E RRORS=


2012-04-29 04:44:19
-------------------
(live transaction) --> https://api-3t.paypal.com/nvp
Request Headers:
Array
(
[0] => Content-Type: text/namevalue
[1] => X-VPS-Timeout: 90
[2] => X-VPS-VIT-Client-Type: PHP/cURL
[3] => X-VPS-VIT-Integration-Product: PHP::Zen Cart(R) - PayPal/NVP
[4] => X-VPS-VIT-Integration-Version: 1.5.0
)


Request Parameters: {SetExpressCheckout}
Array
(
[AMT] => 19.95
[ITEMAMT] => 19.95
[L_NUMBER0] => CWEXR0002
[L_NAME0] => CWEXR0002 - Excavated Misc. Relics in 4x6 Riker Case [227]
[L_QTY0] => 1
[L_AMT0] => 19.95
[CURRENCYCODE] => USD
[LOCALECODE] => US
[ALLOWEDPAYMENTMETHOD] => InstantPaymentOnly
[GIFTMESSAGEENABLE] => 0
[GIFTRECEIPTEENABLE] => 0
[GIFTWRAPENABLE] => 0
[GIFTWRAPNAME] =>
[GIFTWRAPAMOUNT] => 0
[BUYEREMAILOPTINENABLE] => 0
[CUSTOMERSERVICENUMBER] =>
[BRANDNAME] => AMERICAN-SAVAGE.com
[PAYMENTACTION] => Sale
[ALLOWNOTE] => 1
[LANDINGPAGE] => Billing
[NOSHIPPING] => 0
[REQCONFIRMSHIPPING] => 1
[RETURNURL] => http://www.american-savage.com/ipn_m...er.php?type=ec
[CANCELURL] => http://www.american-savage.com/index...rt&ec_cancel=1
[PAGESTYLE] => Primary
[METHOD] => SetExpressCheckout
[USER] => ricandritasavage_api1.hotmail.com
[PWD] => ***************************************
[VERSION] => 61.0
[SIGNATURE] => ****************************************************UWKp
)


Response:
Array
(
[TIMESTAMP] => 2012-04-29T22:44:19Z
[CORRELATIONID] => 4a00c3298170d
[ACK] => Failure
[VERSION] => 61.0
[BUILD] => 2840849
[L_ERRORCODE0] => 10002
[L_SHORTMESSAGE0] => Security error
[L_LONGMESSAGE0] => Security header is not valid
[L_SEVERITYCODE0] => Error
[CURL_ERRORS] =>
)


SetExpressCheckout, Elapsed: 379ms -- Failure

TIMESTAMP=2012%2d04%2d29T22%3a44%3a19Z&CORRELATIONID=4a00c3298170d&ACK=Failure&V ERSION=61%2e0&BUILD=2840849&L_ERRORCODE0=10002&L_SHORTMESSAGE0=Security%20error& L_LONGMESSAGE0=Security%20header%20is%20not%20valid&L_SEVERITYCODE0=Error&CURL_E RRORS=



What have I done wrong? Or can I do more to assist in solving this?

Thank you,

jund (John Underwood)