发表新帖
发表新帖

Socket connection error connecting to sandbox at www.sandbox.paypal.com

前端 未结
关注
2 1456
梦如初夏
梦如初夏 2021-01-23 10:58

When I try connect with fsockopen:

$fp = fsockopen(\'tls://www.sandbox.paypal.com\', 443, $errno, $errstr, 30);

The function shows

相关标签:
2条回答
  • 北海茫月
    2021-01-23 11:32

    Thank you, the problem is due the version of tls in my server:

    PayPal Answer

    PayPal implemented security upgrade in sandbox environment recently

    PayPal implemented security upgrade in sandbox environment recently, refer to https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1913&viewlocale=en_EN

    SSL Certificate Upgrade Guide https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1766&viewlocale=en_US

    0 讨论(0)
  • 悲哀的现实
    2021-01-23 11:44

    Has Paypal has changed the socket configuration of the sandbox? Or what else is wrong?

    It looks like PayPal disabled TLS 1.0 and 1.1. Or, they are only supporting AES/GCM cipher suites (and similar). You must use TLS 1.2.

    You can probably find a blog post or press release stating the same...

    TLS 1.0

    $ /usr/local/bin/openssl s_client -connect www.sandbox.paypal.com:443 -tls1 -servername www.sandbox.paypal.com
CONNECTED(00000003)
140735201563100:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1472:SSL alert number 40
140735201563100:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:656:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
    ...

    TLS 1.2

    $ /usr/local/bin/openssl s_client -connect www.sandbox.paypal.com:443 -tls1_2 -servername www.sandbox.paypal.com
CONNECTED(00000003)
...
---
Certificate chain
 0 s:/jurisdictionC=US/jurisdictionST=Delaware/businessCategory=Private Organization/serialNumber=3014267/C=US/postalCode=95131-2021/ST=California/L=San Jose/street=2211 N 1st St/O=PayPal, Inc./OU=PayPal Production/CN=www.sandbox.paypal.com
   i:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 EV SSL CA - G3
 1 s:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 EV SSL CA - G3
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIQVeuz+EgDzKxFsKnpA78ETzANBgkqhkiG9w0BAQsFADB3
MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVj
IENsYXNzIDMgRVYgU1NMIENBIC0gRzMwHhcNMTUwOTE4MDAwMDAwWhcNMTcwOTI5
MjM1OTU5WjCCARcxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIB
AgwIRGVsYXdhcmUxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYD
VQQFEwczMDE0MjY3MQswCQYDVQQGEwJVUzETMBEGA1UEEQwKOTUxMzEtMjAyMTET
MBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpvc2UxFjAUBgNVBAkM
DTIyMTEgTiAxc3QgU3QxFTATBgNVBAoMDFBheVBhbCwgSW5jLjEaMBgGA1UECwwR
UGF5UGFsIFByb2R1Y3Rpb24xHzAdBgNVBAMMFnd3dy5zYW5kYm94LnBheXBhbC5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOQlgP1/OgAQ7TLB1A
1Kwr6a3EIfZRKl5HT9FmwR5sliGJBzQC4UdjUkCOQYBqzCwFrvc486aVTtAvE2JK
PVP1OertRT7rQH8Oq/d60X2Cv32PmvwO0NnPsiQWwEKtqAvfHOUZf+4nfp3LxfGa
gb4k4Nbeq/PegcArIXlGC06M85Urz3b10JqitnWgiHDRYWzh9PlHnPf6m/zVtLQw
GYZxu11Gtq8wB5Ot4q2vlQTf1WcR4Li5HmAFIVHYXgjNLpfdI3PMNkjTiZEgn1AT
kqkxyxzTt9V4YnwM7JEvygBpXRJKRHGYy52O35uKNdO+8J27HNX8kWnSHI1ogpC+
dezbAgMBAAGjggFwMIIBbDAhBgNVHREEGjAYghZ3d3cuc2FuZGJveC5wYXlwYWwu
Y29tMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjBmBgNVHSAEXzBdMFsGC2CGSAGG+EUBBxcGMEwwIwYIKwYB
BQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0
dHBzOi8vZC5zeW1jYi5jb20vcnBhMB8GA1UdIwQYMBaAFAFZq+fdOgtZpmRj1s8g
B1fVkedqMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zci5zeW1jYi5jb20vc3Iu
Y3JsMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NyLnN5bWNk
LmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NyLnN5bWNiLmNvbS9zci5jcnQwDQYJ
KoZIhvcNAQELBQADggEBACEZZKMKatEKSSuTaBF+qeRP2CqqJLZefggNLXDM8hNb
mh05RQ95FSqGQMSKprbDNWxYqPERee7R2wvW4egmM0kmtU+PWlm/W1DaSE0E/5QN
6gx9Is0wC7DF4W3USGT8M4Itp225wf9doh2d3+ACw19xHfmri0fQiogrPSo3U0/X
tD7QKpFNlrgpXH5Xz5qReiJeZnbI89dw1ILEdDjni/OCZmYGUpfZS2vY4eqR0w+s
0NWsfHzijXkJug2nrDjXJAmZAsagwR8acYOI8L86hJP8GC554z6TiuA6Of2GxVzx
ngM1+KlNBGhY5NRTEJG10KcQklDH6nMdoR1ZjajM7mw=
-----END CERTIFICATE-----
subject=/jurisdictionC=US/jurisdictionST=Delaware/businessCategory=Private Organization/serialNumber=3014267/C=US/postalCode=95131-2021/ST=California/L=San Jose/street=2211 N 1st St/O=PayPal, Inc./OU=PayPal Production/CN=www.sandbox.paypal.com
issuer=/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 EV SSL CA - G3
---
No client certificate CA names sent
Peer signing digest: SHA1
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3263 bytes and written 474 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 9E01CD86FA9CF328AD505F17E34C0A9BE6846F89E553D8D0F2946F8859F695C7
    Session-ID-ctx: 
    Master-Key: BB1AC5E8C2AAF6B393EB85558C25F2AD8A28CA071E5605D3CEA714A15DC8E9D1
    16948150238A67245BBE5C3BD7B81EC2
    ...
    0 讨论(0)
 看不清?
提交回复
热议问题