Community Support for the Catalook Store

 

Catalook Support Forum

Authorize.NET TLS 1.2
Last Post 05/29/2018 4:15 PM by Nina Meiers. 6 Replies.
AddThis - Bookmarking and Sharing Button Printer Friendly
  •  
  •  
  •  
  •  
  •  
Sort:
PrevPrev NextNext
You are not authorized to post a reply.
Author Messages Resolved
Bill Jones
New Member
New Member
Posts:4


--
06/15/2017 2:52 AM
    per the notice from Authorize.net: disable early TLS by 2018

    On September 18th, authorize.net will no longer support older TLS SSL connections - they will only support TLS 1.2

    Will the Catalook (version 6.0.8) payment processing continue to work properly when this change is fully implemented by Authorize.net?  will it continue to work the same as it does now?

    OR

    Will there need to be a settings change or a newer version (of Catalook) installed? 


    Thanks,

    Bill Jones
    RedLan
    New Member
    New Member
    Posts:1


    --
    10/11/2017 4:22 AM
    Hi Bill

    Did you ever get a reply or a fix to this one ? Seems to be a pretty universal issue as we face something similar. I would love to know if you got a solution or workaraound

    Thanks, Red
    Bill Jones
    New Member
    New Member
    Posts:4


    --
    10/18/2017 5:19 AM
    Well:

    1: To clarify: We are using catalook.net - module system for DNN, based on .net version of catalook.

    That said: The store is running on IIS, .net 4.0+

    As long as the source code is not explicitly specifying TLS less than 1.2 (I doubt/hope that it isn't), then it will use the settings as configured on the server. In my case, I have access to the server and can update the registry. 2 add/changes to the registry are required to force the default values for the server to use TLS 1.2+ as a client:

    A and B1 from this article (only did it for TLS 1.2): https://success.outsystems.com/Support/Enterprise_Customers/Maintenance_and_Operations/(.NET)_Enable_SSL_Protocols_for_your_Integrations_-_TLS_1.1_and_TLS_1.2

    I do not yet know if this has 100% addressed the issue. I am considering the best way to test it.
    Bill Jones
    New Member
    New Member
    Posts:4


    --
    01/31/2018 1:57 AM
    • Accepted Answer
    I believe I have the answer for this:

    TLS 1.2 is supported in .NET 4.5+ (adds backwards compatibility to .NET 4.0)

    As long as the server has .NET 4.5+ installed and your DNN Site AppPool is using .NET 4.0+ (Any modern DNN is .NET 4.0+) then the site will support the new requirements for TLS 1.2 support.

    I have verified this with the test api and I am reasonably sure that the store will continue to function after the change.
    timk
    New Member
    New Member
    Posts:7


    --
    03/07/2018 2:05 PM
    As you might have realized... this is not the case.  My server has .Net 4.6.2 and Catalook 6.7.9 and it's dead in the water....
    Bill Jones
    New Member
    New Member
    Posts:4


    --
    03/07/2018 4:32 PM
    I verified my findings through testing.
    My sites continue to process payments properly. 

    I would suggest that your server is not configured properly and is using old cipher suites/TLS settings and will require at least some registry adjustments to set the defaults to the appropriate levels. 

    What OS is the server?
    Is it Fully Patched? 
    Are you getting errors from Authorize.net API?  






    Nina Meiers
    I am the boss today!
    Veteran Member
    Veteran Member
    Posts:509


    --
    05/29/2018 4:15 PM
    The latest build of catalook will support the latest TLS settings.
    Give me a place to stand and a lever long enough... and I will change the world.
    You are not authorized to post a reply.


    Catalook Support Chapters