hi finally got openssl to stop giving me the Verify return code: 20 (unable to get local issuer certificate) and now get 0 OK response
it was a certificate file issue. issued a lot of openssl s_client -CAfile "DIFFERENT CERT AND PEM FILES" -connect ..... until I got the ok. still trying to get LWP/PayflowPro.pm to work though. seams the ssl_opts( SSL_ca_file => 'WORKING_CERT_FILE' ) is not taking as expected. Benn ----- Original Message ----- From: <eej...@webcircle.com> To: "Benn Boulton" <b...@comfortinc.com>; <openssl-users@openssl.org> Sent: Saturday, July 21, 2012 2:45 PM Subject: Re: LWP and CURL connections stoped working. thanks for the offer. best I can determine something upgraded - lwp or openssl and it doesn't handle the handshake properly. glad you found a workaround. eejack At 09:36 AM 7/21/2012, Benn Boulton wrote: >hi and thanksfor the suggestion but no help for me. > >What i ended up doing is to pass the transaction info to an other server I >own that does not have the problem >then send the transaction to paypal and return the response back to the >original call > >The other server is SSL secured as well and still has Perl 5.8.8 installed > >I have set up the the pass through server to work for multiple paypal >accounts. >The original server that sends the request gets the responce and puts it >back into a hash >Very few additional lines of code >basicly > >1 make a '&' seperated name=value string of the transaction > - the string has additional fields for file name and debug/testing > - the filename on the other server contains the login for paypal > - so not paypal login info is passed over the first connection > >2 send re3quest to other server with CURL > $response = `/path/to/specialcurlscript '$URL_to_other_server' >'$TRANS_TEST''`; > >3 other server builds the request as needed by Payflow and calls >pfpro($data) command > >4 other server converts HASH to '&' seperated 'name=value' string > >5 original server converts string back to HASH and continues as usual > > >I can make my server available if needed www.comfortsignups.com > >---here are the orig script changes > my $pfpdata = ''; > $pfpdata .= "AMT=$orderamount"; > $pfpdata .= "&TENDER=C"; # credit card > $pfpdata .= "&TRXTYPE=S"; # sale > $pfpdata .= "&TAXAMT=0.00"; > $pfpdata .= "&FIRSTNAME=$cardfname"; > $pfpdata .= "&LASTNAME=$cardlname"; > $pfpdata .= "&STREET=$cardaddress"; > $pfpdata .= "&ZIP=$cardzip"; > $pfpdata .= "&EMAIL=$cardemail"; > $pfpdata .= "&ACCT=$cardno"; > $pfpdata .= "&EXPDATE=$cardexp"; > $pfpdata .= "&CVV2=$securitycode"; >. >. >. > $pfpdata .= "&pfprocfg=pfpro.cfg"; # extra to get PayPal login > $pfpdata .= "&debug_level=0"; # extra to turn on debug and >testmode (OPTIONAL) > > $response = `/var/www/SpecialScripts/ccipfpro.pl '$url' '$pfpdata'`; > chomp($response); > $result = {}; > @results = split(/&/, $response); > foreach my $pair (@results) { > ($param, $value) = split(/=/, $pair,2); > $result->{$param} = $value; > } >. >. >. > >--- here is the 'specialperlscript' >#!/usr/bin/perl > >$url = @ARGV[0]; >$data = @ARGV[1]; > > use WWW::Curl::Easy; > my $curl = WWW::Curl::Easy->new; > $curl->setopt(CURLOPT_URL, $url); > $curl->setopt(CURLOPT_POST,1); > $curl->setopt(CURLOPT_POSTFIELDS,$data); > $curl->setopt(CURLOPT_RETURNTRANSFER,1); > $return_code = $curl->perform; > $response_code = $curl->getinfo(CURLINFO_HTTP_CODE); > > >----- Original Message ----- >From: <eej...@webcircle.com> >To: <b...@comfortinc.com> >Sent: Friday, July 20, 2012 11:24 PM >Subject: LWP and CURL connections stoped working. > > > >right now this looks like a solution for me. > >$ua->ssl_opts( SSL_version => 'TLSv1'); > >I put it in right after I created the LWP useragent.... > >my $req; >$req = HTTP::Request->new('POST', 'https://payflowpro.paypal.com/', >$headers, $queryStr); >my $ua = LWP::UserAgent->new; >$ua->ssl_opts( SSL_version => 'TLSv1'); > >I worked it out after I saw someone mentioned curl ( never used it >before ). > >curl https://payflowpro.paypal.com >does not work. >curl https://payflowpro.paypal.com -v -3 >does. > > >hope this helps. > >eejack ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org