Hello - My customers are no longer able to checkout because (I'm assuming) my site is not compliant with the TLS1.2 upgrade.
I asked my hosting plan and they said it is compliant, but paypal is stating it is not.

This is the message one gets when attempting to checkout:

I'm sorry, there was a problem with your transaction.
Transaction Result
Error, couldn't connect to https://api-3t.paypal.com/2.0/ (-2147012739).
An error occurred in the secure channel support

Would this be happening due to the fact that I am using a shared SSL? If so - do you think that a dedicated SSL might solve the problem?
Any help would be appreciated.

My domain is www.pwcgraphics.com if anyone wants to take a look.
Thanks!

Hi

That is almost certainly a TLS1.2 issue. Getting your own ssl certificate is a good idea but you will need to make sure your host can guarantee TLS1.2 compliance.

Andy

Please feel free to review / rate our software

Thank you very much for the info.
This is the response that I received from my host:

Hello Mike,
Thank you for your update.
We have checked that TLS version 1.2 is enabled for site pwcgraphics.com.
Since you are using shared SSL, now you need to purchase SSL certificate for site pwcgraphics.com to secure your site from all external attacks and as per the instructions you have received from paypal that your site should be on https to meet the security compliance.

I am totally new at SSL. My hosting company sells SSL for $100 per year.
Is it possible to order SSL from another company and still use it on my site?
If so - are there any recommendations of providers that are reliable yet not as expensive?

Thanks again!

$100 / year is ridiculously expensive. Godaddy do them much cheaper although I haven't used them personally. Maybe someone here can offer a more reasonable recommendation.

Andy

Please feel free to review / rate our software

Just bring the site over here John, you know it will work properly and we can hook you up with a free SSL certificate if the site is low volume or on a tight budget.

Peter

ServeLink
Professional ecommerce web hosting for ASP & PHP
https://servelink.com

Take a look at our image upload/resize tool for the ASP cart
https://servelink.com/clients/cart.php?gid=7

OK - I set up a free 90 day SSL so I can test this out before purchasing one.

Now when I try to check out, I get this message "The requested URL /nonexistent//cart.asp was not found on this server."
And in the web address bar it shows https://my.hostmanagement.net/ssl/30//pwcgraphics.com/cart.asp

I believe this is my old shared SSL, but I do not know what I am supposed to change to configure this properly.

I am using Paypal web payments pro. Any ideas?
Thanks!

Is this a setting within my admin, in the actual asp files or is it in my paypal settings?
Any help would be appreciated - thanks!

Having gone through adding to cart and the pop up cart showing, choosing either the PayPal or the Checkout button goes to the following page - https://my.hostmanagement.net/ssl/30//pwcgraphics.com/cart.asp

On line 180 when viewing the page source I see <form method="post" name="checkoutform" action="https://my.hostmanagement.net/ssl/30//pwcgraphics.com/cart.asp"><input type="hidden" name="mode" value="checkout" />

When loading the cart page - https://www.pwcgraphics.com/cart.asp I see the cart as expected



Will
Bolton Manchester UK

I see what you mean. That area is not actually in my cart.asp page so that leads me to believe it is some sort of setting somewhere in the admin pages.
It could have been something that I setup when I started using paypal payments pro with a shared SSL, but it was so long ago, I would have no idea what was done or how to set it to work with my new SSL.

Is it possible that it has something to do with paypal's API?

Also - Is this forum the desired venue for tech support?
I'm thinking this is likely a simple setting for someone more advanced than myself.
I don't want to be emailing or private messaging fr support if that is against protocol.

Unfortunately, I am out of business until I get this figured out and this is my busiest time of the year.

What do you have set in the admin "main setting" for the https url?
Check that.
Previously on older versions, there was a setting in includes.

I have tried https://pwcgraphics.com,
https://pwcgraphics.com/cart.asp
I've also tried leaving it blank and using the old method in the includes file - nothing is working.

Ok, if you see the place to enter the secure version of your site in the admin, then you must be on a new version of the cart.
https://www.pwcgraphics.com/cart.asp is showing secure, so https://www.pwcgraphics.com/ is what you want set there.

Can you set that and let me take a look at the site?

I see you also are not forcing a www or non www version of your site. That will be an issue in itself.
Lets get the checkout working, then deal with that.

I removed the line from my includes asp file and in the main settings I have
HTTPS Store URL: https://www.pwcgraphics.com/

Ok, next check your admin, under payment providers.
Please list here all that are enabled. (they will be shown in bold)

PayPal Direct Payments
PayPal Express Payments

Ok, that's fine.

Next, you need to check two places for anything relating to hostmanagement
I would check right in cart.asp before the include line <!--#include file="vsadmin/inc/inccart.asp"-->
to see if you had somehow set a reference to that old SSL there.

check the vsadmin/includes.asp file carefully.

If you still cannot find any reference to the word hostmanagement, and you use an html editor like expresssion web or dreamweaver, search the entire website (all pages) for the word hostmanagement

Let me know what you find.

It seems to be working.
I have always had my admin in a secret folder - so I was editing the includes file there.

When I copied the same includes file to the default admin folder, it fixed the problem.
Does that mean that I am not actually using the "secret" folder?

Thanks so much for the help

No, it's fine.
The way that works, is you have the front end of your site workign off the the vsadmin (as it should) and you should have a setting there in that includes, to lock it down from access.
Then you access the back end (admin) from your secret admin.

When you make changes to includes, you make the change to both.

Glad you got it sorted.

Hate to be a pest, but you also mentioned the following:

I see you also are not forcing a www or non www version of your site. That will be an issue in itself.
Lets get the checkout working, then deal with that.

Is this something that I should be concerned with? if so ny info on what I should do about it?
Perhaps a help article? Thanks again!

Your right. You should deal with that.
Being that you have the .asp version, it's safe to assume you are on a windows server.
I'm not sure where you are hosted, but you should be able to setup a web.config file and upload that to the server.
It's possible there is one there already.
Can you check the files on the server and see if there is a web.config file there?
You may also want to ask your host how they recommend redirecting non www to the www version of your site, or vice versa.

You should decide if you like one or the other and set things up to force that.
The reason is, if a user lands on your site somedomain.com and then during checkout they end up on www.somedomain.com they will lose the contents of their cart.
The server will treat that as two different sessions (carts, users).

Also, your SSL will issued with or without the www.

Once we determine if you have an existing web.config file, or you can create one, or the host has some other redirect procedure, we will know the best way to proceed.