SSL Certificate Type Required For PayPal HTTPS Web Service (Payments Pro SOAP / NVP)
Feb 25, 2011
We set up a paypal gateway on our site using paypal NVP API: Our IIS web server is set up for SSL, though I just created a cert on the locally machine. When we load HTTPS the browser gives a warning about security before the page will load. I know a local cert won't cut it for SSL, so I think we need a verisign cert? [URL] Is this correct? How can I know that the cert I am getting will get along with paypal and elimante any security warnings for the user.
View 1 Replies
Similar Messages:
Jan 17, 2011
I am developing a website with online payment. Payment is done using Paypal NVP Api. There is need of a facility to store customers credit card details(not in database) once they register to Website.There onwards whenever they order these details will be fetched, Customer need not enter their card details for every order. So is there any facility to create a profile n store credit card details of customer, as it is there for recurring payments?
View 1 Replies
Oct 27, 2010
I'm trying to get PayPal's ExpressCheckout working with Recurring Payments. I've got the first two stages (the calls to SetExpressCheckout and GetExpressCheckoutDetails) but CreateRecurringPaymentsProfile fails with the error below. I'm using a modified version of Paypal's sample code, but I suspect I'm (not) setting an encoder value. Anyone used this before? The error:
// TIMESTAMP: 2010-10-27T09:57:47Z
// CORRELATIONID: ad2b2da33c672
// ACK: Failure
// VERSION: 51.0
// BUILD: 1553277
// L_ERRORCODE0: 11502
// L_SHORTMESSAGE0: Invalid Token
// L_LONGMESSAGE0: The token is invalid
// L_SEVERITYCODE0: Error
The code I'm using is:
/// This returns true
public bool SetExpressCheckout(string amt, ref string token, ref string retMsg)
{
string host = "www.paypal.com";
if (bSandbox) {
pendpointurl = "https://api-3t.sandbox.paypal.com/nvp";
host = "www.sandbox.paypal.com";
}
string baseUrl = "http://" + HttpContext.Current.Request.Url.Authority;
string[] returnUrlParts = WebConfigurationManager.AppSettings["PaypalReturnUrl"].Split('?'),
cancelUrlParts = WebConfigurationManager.AppSettings["PaypalCancelUrl"].Split('?');
string returnURL = baseUrl + VirtualPathUtility.ToAbsolute(returnUrlParts[0]) + (returnUrlParts.Length > 1 ? '?' + returnUrlParts.Skip(1).Aggregate((itms, itm) => itms + itm) : string.Empty),
cancelURL = baseUrl + VirtualPathUtility.ToAbsolute(cancelUrlParts[0]) + (cancelUrlParts.Length > 1 ? '?' + cancelUrlParts.Skip(1).Aggregate((itms, itm) => itms + itm) : string.Empty);
NVPCodec encoder = new NVPCodec();
encoder["METHOD"] = "SetExpressCheckout";
encoder["RETURNURL"] = returnURL;
encoder["CANCELURL"] = cancelURL;
encoder["AMT"] = amt;
//encoder["PAYMENTACTION"] = "SALE";
encoder["CURRENCYCODE"] = "GBP";
encoder["NOSHIPPING"] = "1";
encoder["L_BILLINGTYPE0"] = "RecurringPayments";
encoder["L_BILLINGAGREEMENTDESCRIPTION0"] = "Subscription for MySite";
string pStrrequestforNvp = encoder.Encode();
string pStresponsenvp = HttpCall(pStrrequestforNvp);
NVPCodec decoder = new NVPCodec();
decoder.Decode(pStresponsenvp);
string strAck = decoder["ACK"].ToLower();
if (strAck != null && (strAck == "success" || strAck == "successwithwarning")) {
token = decoder["TOKEN"];
string ECURL = "https://" + host + "/cgi-bin/webscr?cmd=_express-checkout" + "&token=" + token;
retMsg = ECURL;
return true;
} else {
retMsg = "ErrorCode=" + decoder["L_ERRORCODE0"] + "&" +
"Desc=" + decoder["L_SHORTMESSAGE0"] + "&" +
"Desc2=" + decoder["L_LONGMESSAGE0"];
return false;
}
}
/// This returns true
public bool GetExpressCheckoutDetails(string token, ref string PayerId, ref string retMsg)
{
if (bSandbox) {
pendpointurl = "https://api-3t.sandbox.paypal.com/nvp";
}
NVPCodec encoder = new NVPCodec();
encoder["METHOD"] = "GetExpressCheckoutDetails";
encoder["TOKEN"] = token;
string pStrrequestforNvp = encoder.Encode();
string pStresponsenvp = HttpCall(pStrrequestforNvp);
NVPCodec decoder = new NVPCodec();
decoder.Decode(pStresponsenvp);
string strAck = decoder["ACK"].ToLower();
if (strAck != null && (strAck == "success" || strAck == "successwithwarning")) {
return true;
} else {
retMsg = "ErrorCode=" + decoder["L_ERRORCODE0"] + "&" +
"Desc=" + decoder["L_SHORTMESSAGE0"] + "&" +
"Desc2=" + decoder["L_LONGMESSAGE0"];
return false;
}
}
// This fails and returns false with the following in the decoder result
// TIMESTAMP: 2010-10-27T09:57:47Z
// CORRELATIONID: ad2b2da33c672
// ACK: Failure
// VERSION: 51.0
// BUILD: 1553277
// L_ERRORCODE0: 11502
// L_SHORTMESSAGE0: Invalid Token
// L_LONGMESSAGE0: The token is invalid
// L_SEVERITYCODE0: Error
public bool CreateRecurringPaymentsProfileCode(string token, string amount, string profileDate, string billingPeriod, string billingFrequency, ref string retMsg)
{
NVPCallerServices caller = new NVPCallerServices();
IAPIProfile profile = ProfileFactory.createSignatureAPIProfile();
profile.APIUsername = this.APIUsername;
profile.APIPassword = this.APIPassword;
profile.APISignature = this.APISignature;
profile.Environment = "sandbox";
caller.APIProfile = profile;
string host = "www.paypal.com";
if (bSandbox) {
pendpointurl = "https://api-3t.sandbox.paypal.com/nvp";
host = "www.sandbox.paypal.com";
}
NVPCodec encoder = new NVPCodec();
encoder["VERSION"] = "51.0";
// Add request-specific fields to the request.
encoder["METHOD"] = "CreateRecurringPaymentsProfile";
encoder["TOKEN"] = token;
encoder["AMT"] = amount;
encoder["PROFILESTARTDATE"] = profileDate; //Date format from server expects Ex: 2006-9-6T0:0:0
encoder["BILLINGPERIOD"] = billingPeriod;
encoder["BILLINGFREQUENCY"] = billingFrequency;
encoder["L_BILLINGTYPE0"] = "RecurringPayments";
encoder["DESC"] = "Subscription for MySite";
// Execute the API operation and obtain the response.
string pStrrequestforNvp = encoder.Encode();
string pStresponsenvp = caller.Call(pStrrequestforNvp);
NVPCodec decoder = new NVPCodec();
decoder.Decode(pStresponsenvp);
//return decoder["ACK"];
string strAck = decoder["ACK"];
bool success = false;
if (strAck != null && (strAck == "Success" || strAck == "SuccessWithWarning")) {
success = true; // check decoder["result"]
} else {
success = false;
}
StringBuilder buffer = new StringBuilder();
for (int i = 0; i < decoder.Keys.Count; i++) {
buffer.AppendFormat("{0}: {1}", decoder.Keys[i], decoder.GetValues(i).Aggregate((vals, val) => vals + "----" + val));
}
retMsg = buffer.ToString();
return success;// returns false
}
If it helps, the code which is calling it is :
NVPAPICaller ppapi = new NVPAPICaller();
NVPCodec decoder = new NVPCodec();
string retMsg = string.Empty,
token = Convert.ToString(Session["token"]),
finalPaymentAmount = "15",
payerId = Convert.ToString(Session["payerId"] ?? string.Empty); // set from SetExpressCheckout
bool shippingSuccess = ppapi.GetExpressCheckoutDetails(token, ref payerId, ref retMsg);
if (shippingSuccess) {
payerId = Session["payerId"].ToString();
btnConfirm.Enabled = false;
bool paymentSuccess = ppapi.CreateRecurringPaymentsProfileCode(token, finalPaymentAmount, DateTime.Now.ToString("yyyy-M-DTH:m:s"), "Year", "1", ref retMsg);
// but paymentSuccess is false
View 1 Replies
Nov 27, 2010
I need to implement checkout process using paypal website payments pro. I need solution/sample code for website payment pro with ASP.net/C#.
View 2 Replies
Feb 21, 2011
I have PayPal Web Payment standard successfully integrated in an ecomerce solution I'm developing. My problem is this, I want to store details of the order being placed before it is sent to PayPal but only if it is sent and not if the just fill in everything in the shopping cart and then leave the page. There are 3 ways I can think of how this might be acheived but I'm not sure how to implement them.
1. Put some code in the page_unload that stores the data fi the page the browser is being transferred to is the paypal site. However I don't a way to determine what the next page is going to be.
2. Submit the the information to PayPal from the code behind. I'm sure this should be possible but I don't know how to do it and haven't managed to find a good articles on it.
3. Assign a javascript function to the onclick on PayPal submit button that calls a servside function using PageMethods. However this just seems like a bit a bodge introduces a whole array of other problems.
View 4 Replies
Feb 17, 2010
I am creating my first e-commerce site.I have a nonprogramming ?; Does Paypal accept credit card payments or should i use a third party gateway to accept credit card payments?
View 2 Replies
Jan 12, 2010
I am completing a website on which a single object is sold. I want to put the simplest PayPal button. I created the code of the button using the instructions on pp19 to 21 of "Website Payments Standard Integration Guide".
The code that was created was :
<code>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="123456789">
<input type="image" src="https://www.paypal.com/en_US/GB/i/btn/btn_buynowCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypal.com/en_GB/i/scr/pixel.gif" width="1" height="1">
</form>
</code>
(I have altered the value value just for this post)
The HTML of the payment page is :
<code>
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Page05.aspx.vb" Inherits="Page05" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title>Page05</title>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" /><link href="Eng05.css" type="text/css" rel="Stylesheet" />
</head>
<body>
<form id="Form5" method="post" runat="server">
<a id="ankera-p5"></a>
<div id="container">
<div id="inner_container">
<p>THE "ANY SMALL AD" WEB SITE</p>
<p>How to pay</p>
xxxxxxxx
<p><a href="Page11.aspx#ankera-p11" >Back to Services page</a></p>
<p><a href="Default.aspx#ankera-p1" >Back to home page</a></p>
<p></p>
</div> <!-- End of inner container -->
</div> <!-- End of container -->
</form>
</body>
</html>
</code>
I pasted in the button code where I have put "xxxxx", but it's all a mess and I can't seem to get the button to appear.
View 2 Replies
Jan 20, 2010
This is so frustrating to me. I'm doing this via standard .NET 2.0+ web services (not WCF). My application is in .NET 3.5 but I'm just adding a service reference. I've not done any SOAP WSDL sending before. I've used NVP which to me seems much more error prone and burdensome because you have to create all the wrappers yourself and if any of that third party API changes, it breaks your code. I have not a clue how to make a call using the latest PayPal WSDL. I added the service reference and I see proxy classes such as [className]Request and [className]Response but how do you actually make the CALL and send the request over the wire?
I see people have used the outdated (.NET 1.1) PayPal SDK. We do not want to use an SDK just to send a request. Isn't it much easier nowdays in .NET when using any SOAP API to invoke the request? People for example using PayPal are relying on a caller class from that SDK but again it's way, way outdated. So onto today, .NET 2.0+, I thought that you don't need all that plumbing anymore?
How would I do this? I see no good documentation on the net period on .NET 2.0 or 3.5 web services especially SOAP and it's frustrating. Sure add the service reference, use the WSDL and proxy generated class wrappers but outside this HOW to make a request is impossible to find. I'm seeing legacy ways of doing this in .NET and then I hear this is all done under the covers for you in .NET..I guess that must be .NET 2.0+ ?? Is it as simple as just making the proxy class method calls and .NET under the covers takes care of the plumbing to actually send the request over Http unlike .NET 1.1 where you had to do all the plumbing yourself?
View 5 Replies
Oct 11, 2010
I am using a Self signed certificate for HTTPS. I have it ready. what should be changed in IIS and also what should be changed in the code for https to come into affect. I need https for some pages(not all).
View 2 Replies
Jul 19, 2010
i generated a private key like- keytool -genkey -alias mview -keypass mviewpass -keystore /keystore
then exported it in form of certificate file as- -export -alias mview -keystore /home/d261733/keytool_keys/keystore -rfc -file testcert.cer this gives me two files sitting in c:
1) testcert.cer (which is the certificate)
2) keystore (which is private key)
Now i wan to sign an xml soap request like below in c# in .NET
[Code]....
View 1 Replies
Oct 11, 2010
This is in VS 2005. And IIS is 6.0. I am trying to use Self signed certificate for HTTPS. In the code i am redirecting from http to https for few pages. It is nt working fine. and in the IIS manager, for each page that i want HTTPs, i have changed its setting by checking "Require Secure Channel(SSL)" and "Require 128 bit encryption".
public void setSecureProtocol()
{
string redirectUrl = null;
bool bSecure = true;
bool SecureConnection = true;
if (bSecure && SecureConnection)
redirectUrl = Request.Url.ToString().Replace("http:", "https:");
else
if (!bSecure && SecureConnection)
redirectUrl = Request.Url.ToString().Replace("https:", "http:");
if (redirectUrl != null)
Response.Redirect(redirectUrl);
}
Pages throw me an error like this The page must be viewed over a secure channel The page you are trying to access is secured with Secure Sockets
Layer (SSL).
Please try the following:
* Type https:// at the beginning of the address you are attempting to reach and press ENTER.
HTTP Error 403.4 - Forbidden: SSL is required to view this resource. Internet Information Services (IIS)Internet Information Services (IIS) When i try to put https in the start of the URl, it wont call. I have no idea whats wrong in here. Here, Its not redirecting from http to https. For the pages that i am not redirecting in the code behind, and changing in the IIS, i can see the HTTPS when i check the two checkboxes. Internet Information Services (IIS)
View 1 Replies
Mar 30, 2011
There are 2 web-servers involved:
Webserver1 has been in the organization a few years and is hosting/running multiple websites with https encryption (app1.ourcompany.com, app2.ourcompany.com, etc). It has a valid, signed certificate.
Webserver2 is a new server, for which I am responsible. I am tasked with setting up https and getting the certificate, etc. It has a web app running on it, but it does not have a domain name (only has an IP address)...which as I recently learned, is a requirement for a signed certificate.
What I'd like to know is this -- is it possible to set up a site on Webserver1 that points to the site I'm hosting on Webserver2 (ie SiteOnWebserver2.ourcompany.com) which also utilizes the Webserver1's signed/verified certificate?
View 1 Replies
Dec 23, 2010
Do you know any web site with an invalid https certificate, so I can test if my browser detects it?
View 1 Replies
May 24, 2010
I'm new to cryptography and I'm a bit stuck:
I'm trying to connect (from my development environment) to a web service using HTTPS. The web service requires a client certificate - which I think I've installed correctly.
They have supplied me with a .PFX file. In Windows 7, I double clicked the file to install it into my Current User - Personal certificate store.
I then exported a X509 Base-64 encoded .cer file from the certificate entry in the store. It didn't have a private key associate with it.
Then, in my app, I'm attempting to connect to the service like this:
var certificate = X509Certificate.CreateFromCertFile("xyz.cer"));
var serviceUrl = "https://xyz";
var request = (HttpWebRequest) WebRequest.Create(serviceUrl);
request.ClientCertificates.Add(certificate);
request.Method = WebRequestMethods.Http.Post;
request.ContentType = "application/x-www-form-urlencoded";
I get a 502 Connection failed when I connect.
Is there anything you can see wrong with this method? Our production environment seems to work with a similar configuration, but it's running Windows Server 2003.
View 2 Replies
Apr 19, 2010
I'm trying to make my website more secured so want to install SSL certificate, for that I've requested a digital certificate from verisign and installed it succesfully in my server(IIS 5.1).
So everything is ready created the virtual directory and now im trying to access my site but now in the url its coming like http:\mysite.com but not https:\mysite.com.
what do we need to do extra other than installing the SSL certificate to convert it form HTTP to HTTPS.
View 2 Replies
Feb 8, 2010
Programatically is it possible using C# or script 1. To attach certificate to the https binding of website in IIS 7.5(from a drop down).
View 1 Replies
Jul 1, 2010
ASP.Net 2.0 Web Services automatically create both SOAP 1.1 and SOAP 1.2 bindings. Our web service, however, has SOAP extensions and custom exception handling that make the assumption that only the SOAP 1.1 binding is used (for example, the SOAP extension uses the HTTP SOAPAction header to control behavior).
I am looking to correct the code that makes these assumptions and make it work with either SOAP 1.1 or SOAP 1.2 properly. I am running into a bit of a problem in the generation of elements for our SOAP faults.
Consider the following web method implementation:
[Code]....
The SOAP 1.2 response now has the wrong qualified name for the detail element. It should be <soap:Detail>, but instead is merely <detail>, same as the SOAP 1.1 response.
It seems that the ASP.Net 2.0 framework has done quite a bit to transform a SOAPException into the appropriate form for the SOAP version, but neglected to properly handle the detail element. Additionally, they don't seem to have exposed the correct SOAP 1.2 qualified name for the detail element as was done with the SoapException.DetailElementName property.
So, what is the correct way to add a detail element to a SOAP fault response that works for both SOAP 1.1 and SOAP 1.2? Do I need to detect the SOAP version myself and hard-code the SOAP 1.2 qualified name for the detail element?
View 2 Replies
Apr 4, 2011
We have created a class to wrap the payload of web service response with common information as follows.
public class ItemResponse<T> : Response
{
/// <summary>
[code]...
View 2 Replies
Apr 1, 2011
I have to consume a public service with the following properties
1. SSL is used as Transport Level Security.
2. User credentials are used for Authorization and Message Level security
NOTE : Source Code is not available for the service.
Sample URL - [URL]
How do I consume from ASP.NET and call the exposed methods ?
View 1 Replies
Nov 26, 2010
How do I consume this SOAP web service? how do I add the request header?
[URL]
[URL]
View 1 Replies
Jul 1, 2010
I have a web service I'm converting it to wcf
I want to create a couple methods in the wcf... these will call methods in the web service
but I don't want to use soap or whatever because it is so slow
So I made a WCF service inside my web project.
Then I new up the web service and call a method...
Is it using soap? Is this just the same as calling any other method in the code? Just as fast?
View 2 Replies
Jun 17, 2010
I have a rather strange situation that I am in.
I have to write a web-service that will (among other things) communicate with another web service. When we communicate with that remote web-service we are required to use a certificate that they provided.
I am having a really hard time trying to find any sample code that does this.
I have found code for installing certs when you want to use a browser to communicate, but none when you are using a web-service to web-service and you are required to HAVE the certificate, not requiring the OTHER end to have the certificate.
So far I cannot even find code to allow me to parse throught the cert store. Samples I found online show up as errors in Visual Studio 2005.
Note: This is running one Windows 2000, designed with Visual Studio 2005, asp.net 2.0
View 1 Replies
Dec 14, 2010
Keyset does not existDescription:An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.Exception Details: System.Security.Cryptography.CryptographicException: Keyset does not existSource Error:
[Code]...
View 1 Replies
Jan 21, 2010
So I'm using the PayPal API. They require bigger companies to send an X509Certificate along with each SOAP API request. I've never heard of using a cert, it's always been just send the API signature along with an API request.
So I first created a class called
[Code].... that implements the .NET
[Code]....
One of the member methods, really the only one you have to implement is:
[Code]....
So far I'm having trouble really understanding what to pass to this method. I guess the method simply validates that the Cerfiticate is valid. So I'm not sure what ServicePoint is and what to pass into it. I assumed it was my web service reference and a proxy class within such as the
[Code].....................
View 2 Replies
Aug 6, 2010
I am trying to call a webservice, written in PHP from ASP.Net. I have added Web Reference using "Add Web Reference". The url is: http://mikikard.com/public/webservice?wsdl
In Add Web Reference Window, I can see the list of functions. But, When I try to build the Website, It gives the following Error:
Unable to import binding 'SoaptestBinding' from namespace 'http://mikikard.com/public/webservice'.
View 1 Replies
