Problems reaching host with oHTTPWorker

Doug Easterbrook doug at artsman.com
Thu Apr 14 23:31:54 UTC 2022


hi Scotte.

we use the oW3 workers to talk to credit card providers these days.  Admittedly, it is on the desktop and I think you are implying that you are sending directly from a web page in a remote form.


The possible problem is that the PCI council ratcheted up the requirement to connect with TLS 1.2 or better to credit card companies servers.     Run the URL at the end of the email and it shows that the site at 13.227.76.18 requires TLS 1.2 or 1.3.    If the JS form does not allow cconnection using TLS 1.2, then thats part of your problem.

if you are using the OW3 worker because the JS form sends the request back to your server, then there are parameters you can put in the oW3 worker to require TLS 1.2 connection






The other things is that DNS resolves to 12 separate IP addresses (a few IPv4 and ipV6).  so that likely means there is some load balancer in front ….  but it is odd, to me, that you get 12 publicly exposed sites.


and they are slow to give up their SSL information when I used the following to determine what might be at the end of the line at the URL. who knows if they misconfigured something.


https://www.ssllabs.com/ssltest/analyze.html?d=api.emergepay%2dsandbox.chargeitpro.com&hideResults=on&latest <https://www.ssllabs.com/ssltest/analyze.html?d=api.emergepay%2dsandbox.chargeitpro.com&hideResults=on&latest>




this is what we did in the OW3 worker to test for TLS 1.2, assuming that could be part of the problem



Do $objects.oHTTPWorker.$newref($cinst().$ref) Returns HttpWorker
Calculate HttpWorker.$followredirects as kTrue

# # Add "cURL Options" which allows custom options to be set from cURL "easy" constants
# # Ref: https://github.com/curl/curl/blob/master/include/curl/curl.h#L963 <https://github.com/curl/curl/blob/master/include/curl/curl.h#L963>
Do CurlOptions.$define(CurlOption,CurlValue)
Do CurlOptions.$add(32,"6") ## CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2
Calculate HttpWorker.$curloptions as CurlOptions

Do HeaderList.$define(HeaderName,HeaderValue)

Calculate Content as ''

# ask for the http header to see if we get a response.  if not, we couldn't communicate with TLS 1.2 or later
Do HttpWorker.$init(pURL,kOW3httpMethodHead,HeaderList,Content)
Do HttpWorker.$run() Returns OK
If not(OK)|HttpWorker.$isCanceled
# TODO: Check HttpWorker.$errortext or HttpWorker.$errrocode
Quit method kFalse
End If

Calculate TLSFailCode as 35
Calculate TLSFailMessage as 'Could not negotiate an SSL cipher suite'
Calculate Response as HttpWorker.$response

Calculate pErrorCode as Response.errorCode
Calculate pErrorMessage as Response.errorInfo

# Determine if this is a failure for TLS reasons.  It's confusing, but a non-failure is a success for TLS, even if it's𯿾non-200 errors.
Calculate TLSFail as Response.errorCode=TLSFailCode&pos(low(TLSFailMessage),low(pErrorMessage))>0
Quit method not(TLSFail)





Doug Easterbrook
Arts Management Systems Ltd.
mailto:doug at artsman.com <mailto:doug at artsman.com>
http://www.artsman.com <http://www.artsman.com/>
Phone (403) 650-1978

> On April 14, 2022, at 1:15 PM, Scotte Meredith <spomacguy at gmail.com <mailto:spomacguy at gmail.com>> wrote:
> 
> I have some code that has been working to access a credit card processor from a JS remote form. It has been working for a while, but in the last month has quit. Talked with the credit card processor and they swear nothing has changed on their end.
> 
> I've $init'd the worker and called $run. I put a breakpoint in the $completed method. The row is returning errorCode=6 and errorInfo=Could not resolve host: api.emergepay-sandbox.chargeitpro.com <http://api.emergepay-sandbox.chargeitpro.com/>
> 
> Sure enough, if I try to go to that site in a browser, it says it cannot connect.
> 
> However, the code in the $init passed in https://api.emergepay-sandbox.chargeitpro.com <https://api.emergepay-sandbox.chargeitpro.com/>. If I try to go to that URL in a browser, it is successful. It seems like the "https://" is not being respected. If I step back through the code a number of times, sometimes I will get a connection and the right info is returned.
> 
> This occurs with using either $run or $start. 
> 
> Any ideas on what I should be looking for? 
> 
> This is occurring on both Studio 8.1.6 and 10.2 (30204) in Windows with similar issues on Mac. I'm going to install (31315) on that machine and see if it makes a difference.
> 
> 
> 
> Scotte Meredith
> spomacguy at gmail.com <mailto:spomacguy at gmail.com>
> 509/998-0991
> 
> 
> 
> 
> _____________________________________________________________
> Manage your list subscriptions at https://lists.omnis-dev.com
> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com 



More information about the omnisdev-en mailing list