我正在开发一家在线商店,该商店使用自定义 PHP 脚本与 Orbital Chase Paymentech 作为网关进行交互。最近,由于 CURL 遇到错误,该商店的网站无法处理订单。特别是,
curl_errno()
返回 56
和 curl_error()
返回 SSL read: error:00000000:lib(0):func(0):reason(0), errno 104
。
然而,向 Paymentech 发出的付款请求进展顺利。 (即,我们的请求格式正确,并且正在向信用卡收费。)正确的 IP 已在 Paymentech 端列入白名单。
这是我们的 CURL 配置:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, 'Chase Paymentech Gateway/1.0');
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
// curl_setopt($ch, CURLOPT_FORBID_REUSE, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 20);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $request);
// curl_setopt($ch, CURLOPT_SSLVERSION, 6);
// curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
// curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
$result = curl_exec($ch);
我已经尝试了上述 CURL 设置的几乎所有合理排列,但均无济于事。我们总是收到 CURL 错误 56 和 SSL read errno 104。我已经尝试了其他 stackoverflow 问题的建议,也无济于事。
我在下面粘贴了一个付款请求的示例日志(隐藏了一些敏感信息)。如您所见,请求已超过
TLSv1.2 / AES128-GCM-SHA256
。我已与 Chase 确认这是可接受的 SSL 版本和密码。
网站上的证书是来自 Geotrust / RapidSSL 的最新证书,自从我开始解决此问题以来,已经安装了新的证书。
有人知道这是怎么回事吗?据我所知,我们的 CURL / SSL 证书设置中有一些问题导致通信失败,但我无法弄清楚原因是什么或如何修复它。请帮忙!
CURL 输出:
* Hostname was NOT found in DNS cache, referer: https://www.==our-url===.org/index.php/payment
* Trying 206.253.186.176..., referer: https://www.==our-url===.org/index.php/payment
* Connected to orbital1.chasepaymentech.com (206.253.186.176) port 443 (#0), referer: https://www.==our-url===.org/index.php/payment
* successfully set certificate verify locations:, referer: https://www.==our-url===.org/index.php/payment
* CAfile: /etc/pki/tls/certs/ca-bundle.crt, referer: https://www.==our-url===.org/index.php/payment
CApath: none, referer: https://www.==our-url===.org/index.php/payment
* SSL connection using TLSv1.2 / AES128-GCM-SHA256, referer: https://www.==our-url===.org/index.php/payment
* Server certificate:, referer: https://www.==our-url===.org/index.php/payment
* subject: C=US; ST=New York; L=New York; O=Chase Paymentech Solutions, LLC; OU=CPS ENA; CN=orbital1.chasepaymentech.com, referer: https://www.==our-url===.org/index.php/payment
* start date: 2017-01-17 00:00:00 GMT, referer: https://www.==our-url===.org/index.php/payment
* expire date: 2018-01-18 23:59:59 GMT, referer: https://www.==our-url===.org/index.php/payment
* subjectAltName: orbital1.chasepaymentech.com matched, referer: https://www.==our-url===.org/index.php/payment
* issuer: C=US; O=Symantec Corporation; OU=Symantec Trust Network; CN=Symantec Class 3 Secure Server CA - G4, referer: https://www.==our-url===.org/index.php/payment
* SSL certificate verify ok., referer: https://www.==our-url===.org/index.php/payment
> POST /AUTHORIZE HTTP/1.0\r, referer: https://www.==our-url===.org/index.php/payment
MIME-Version: 1.0\r, referer: https://www.==our-url===.org/index.php/payment
Content-type: application/PTI41\r, referer: https://www.==our-url===.org/index.php/payment
Content-length: 1148\r, referer: https://www.==our-url===.org/index.php/payment
Content-transfer-encoding: text\r, referer: https://www.==our-url===.org/index.php/payment
Request-number: 1\r, referer: https://www.==our-url===.org/index.php/payment
Document-type: Request\r, referer: https://www.==our-url===.org/index.php/payment
Merchant-id: ############\r, referer: https://www.==our-url===.org/index.php/payment
Host: orbital1.chasepaymentech.com\r, referer: https://www.==our-url===.org/index.php/payment
\r, referer: https://www.==our-url===.org/index.php/payment
\r, referer: https://www.==our-url===.org/index.php/payment
<?xml version="1.0" encoding="UTF-8"?>\r, referer: https://www.==our-url===.org/index.php/payment
<Request>\r, referer: https://www.==our-url===.org/index.php/payment
<NewOrder>\r, referer: https://www.==our-url===.org/index.php/payment
<IndustryType>EC</IndustryType>\r, referer: https://www.==our-url===.org/index.php/payment
<MessageType>AC</MessageType>\r, referer: https://www.==our-url===.org/index.php/payment
<BIN>000002</BIN>\r, referer: https://www.==our-url===.org/index.php/payment
<MerchantID>############</MerchantID>\r, referer: https://www.==our-url===.org/index.php/payment
<TerminalID>001</TerminalID>\r, referer: https://www.==our-url===.org/index.php/payment
<AccountNum>################</AccountNum>\r, referer: https://www.==our-url===.org/index.php/payment
<Exp>0118</Exp>\r, referer: https://www.==our-url===.org/index.php/payment
<CurrencyCode123CurrencyCode>\r, referer: https://www.==our-url===.org/index.php/payment
<CurrencyExponent>2</CurrencyExponent>\r, referer: https://www.==our-url===.org/index.php/payment
<CardSecValInd>1</CardSecValInd>\r, referer: https://www.==our-url===.org/index.php/payment
<CardSecVal>###</CardSecVal>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSzip>A0B1C2</AVSzip>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSaddress1>123 Something St</AVSaddress1>\r, referer: https://www.==our-url===.org/index.php/payment
<AVScity>Somewhere</AVScity>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSstate>ON</AVSstate>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSphoneNum></AVSphoneNum>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSname>Testing</AVSname>\r, referer: https://www.==our-url===.org/index.php/payment
<AVScountryCode>CA</AVScountryCode>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSDestzip>A0B1C2</AVSDestzip>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSDestaddress1>123 Something St</AVSDestaddress1>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSDestcity>Somewhere</AVSDestcity>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSDeststate>ON</AVSDeststate>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSDestphoneNum></AVSDestphoneNum>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSDestname>Testing</AVSDestname>\r, referer: https://www.==our-url===.org/index.php/payment
<AVSDestcountryCode>CA</AVSDestcountryCode>\r, referer: https://www.==our-url===.org/index.php/payment
<OrderID>1343</OrderID>\r, referer: https://www.==our-url===.org/index.php/payment
<Amount>1450</Amount>\r, referer: https://www.==our-url===.org/index.php/payment
</NewOrder>\r, referer: https://www.==our-url===.org/index.php/payment
</Request>\r, referer: https://www.==our-url===.org/index.php/payment
/authorize HTTP/1.1\r, referer: https://www.==our-url===.org/index.php/payment
Host: orbital1.chasepaymentech.com\r, referer: https://www.==our-url===.org/index.php/payment
Accept: */*\r, referer: https://www.==our-url===.org/index.php/payment
\r, referer: https://www.==our-url===.org/index.php/payment
* SSL read: error:00000000:lib(0):func(0):reason(0), errno 104, referer: https://www.==our-url===.org/index.php/payment
* Closing connection 0, referer: https://www.==our-url===.org/index.php/payment
显然重新启动我们服务器上的防火墙解决了该问题。我们将其关闭并与我们的证书颁发者进行一些测试,我们注意到该网站可以正常工作。当我们重新打开防火墙时,它仍然有效。