Authorize.net disabled SSLv3 sometime recently. You'll need to upgrade whatever you're using to use TLS. Perhaps ActiveMerchant has an update that takes care of it...
On Fri, May 29, 2015 at 8:14 PM Chris McCann <[email protected]> wrote: > SD Ruby, > > A Rails app I've had in production for over 7 years developed an odd > problem on Thursday. This change was not preceded by any code or server > changes within the past few weeks. > > It's a Rails 2.3 app running on Ruby 1.8.7 (yes, it's old, and I've been > working on upgrading it for months). It runs on Ubuntu 10.04.4 LTS (I > know, also old, and being upgraded). > > It uses ActiveMerchant to process credit card payments via the > Authorize.net gateway. This bit has worked essentially flawlessly for over > 5 years. > > This past Thursday my client tried to process a credit card payment and > the app threw an error: > > A OpenSSL::SSL::SSLError occurred in credit_card_payments#create: > > SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: > certificate verify failed > > /usr/local/rvm/rubies/ruby-1.8.7-p352/lib/ruby/1.8/net/http.rb:586:in > `connect' > > Of course, this happened while I was on an airplane, and more ironically, > flying to San Antonio to see my client. > > Frantic Googling at 41,000 feet brought me to this: > http://mislav.uniqpath.com/2013/07/ruby-openssl/ > > One of the suggestions in the mislav article is to do a CA certificate > upgrade via apt-get (sounds of ominous bass notes in the background). > Since the Ubuntu distro I have been using has been "end-of-lifed" (ELO'd), > I cannot update the CA certificates on the distro, though all of the other > checks indicate this isn't an issue. > > Also mentioned in that article is the "doctor.rb" script to check things, > and it reported all was "OK". > > I contacted our SSL provider, RapidSSL, and they verified that our SSL > certificate, and the others in the cert chain, were valid and installed > correctly. > > I have reached out to Authorize.net to ask them if anything changed on > their end but haven't heard back yet. > > My plea to SD Ruby: has anyone else encountered something like this? I'm > at a loss as to what the cause might be or how to fix it, short of the > long-delayed upgrade to Rails 4 and a new Linux distro. > > Thanks, > > Chris > > -- > -- > SD Ruby mailing list > [email protected] > http://groups.google.com/group/sdruby > --- > You received this message because you are subscribed to the Google Groups > "SD Ruby" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby --- You received this message because you are subscribed to the Google Groups "SD Ruby" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
