?
Solved

How do I force VB.Net (2010) to use TLS as required by PayPal changes?

Posted on 2014-11-21
16
Medium Priority
?
658 Views
Last Modified: 2016-03-24
We need to update our app (running on WinXP) to successfully post transactions to PayFlowPro which is disabling SSL 3.0 on 12/3.  We are using MSXML2.XMLHTTP in vb.net to post the transactions like this:
       
        Dim xmlHTTP As MSXML2.XMLHTTP = New MSXML2.XMLHTTP
        xmlHTTP.open("POST", strURL, False)
        xmlHTTP.setRequestHeader("Content-Type", "application/x-www-form-urlencoded")
        System.Windows.Forms.Application.DoEvents()
        xmlHTTP.send(snd)
        resp = xmlHTTP.responseText

I tried putting the following above the dim statement:
       'System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
but it didn't change anything.  Anyone have any idea how to accomplish this?
0
Comment
Question by:Dalexan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
  • 4
16 Comments
 
LVL 58

Expert Comment

by:Gary
ID: 40458040
There is no reason your pc would be using SSL unless you specifically tell it to or you don't have TLS installed (which is highly unlikely)
0
 
LVL 58

Expert Comment

by:Gary
ID: 40458054
...assuming you have SP3 installed
0
 

Author Comment

by:Dalexan
ID: 40458071
We do have SP3 installed.  Their server site, https://payflowpro.paypal.com, works fine, but their test site that has been set up to not allow SSL3.0, https://developer.paypal.com/docs/classic/lifecycle/ug_sandbox, fails.  I/m not sure what else it would be.
0
WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

 
LVL 58

Expert Comment

by:Gary
ID: 40458095
You have this
'System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls

but it's commented out, is that a typo?
0
 

Author Comment

by:Dalexan
ID: 40458112
No, I tried that but it didn't help so I commented it back out...I did forget to mention, the execution gets through the open call, but fails on the POST call with "Error 53 - System error -2146697208"...no other system or application log entries.
0
 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 40458114
Not that there's much difference in the end result, but why are you using MSXML2.XMLHTTP and not something like WebClient or HttpWebRequest, which are already a part of the Framework? Why the COM?

I agree with Gary that the commented-out line should be what you need. I was just playing around with this the other day, and changing that line altered which SSL suite was in play.
0
 

Author Comment

by:Dalexan
ID: 40458124
This is code we have had in place for quite some time, so, as long as it works we've avoided making any changes.  Would the position of the SecurityProtocol assignment make a difference?  I had it in the code above the Dim xmlHTTP statement...
0
 
LVL 58

Expert Comment

by:Gary
ID: 40458129
Try it with

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

What version of .net are you using?
0
 

Author Comment

by:Dalexan
ID: 40458141
The autocomplete only shows Ssl3 and Tls...no Tls12 option. .NET Framework 4 is the target framework in the app Compile tab.
0
 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 40458143
Now that I think about it, that setting may not have any impact on MSXML2.XMLHTTP. That's a small block of code; can we try replacing it with the following?

Using client As New System.Net.WebClient()
    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
    client.Headers("Content-Type") = "application/x-www-form-urlencoded"
    System.Windows.Forms.Application.DoEvents()
    resp = client.UploadString(snd)
End Using

Open in new window

0
 

Author Comment

by:Dalexan
ID: 40458161
Well, that got me a little further, I think...I got "5 - The remote server returned an error: (500) Internal Server Error"
0
 

Author Comment

by:Dalexan
ID: 40458162
btw, I had to add strurl as the first parameter to the UploadString...
0
 
LVL 75

Accepted Solution

by:
käµfm³d   👽 earned 2000 total points
ID: 40458164
Is the value in strURL your server or PayPal?
0
 

Assisted Solution

by:Dalexan
Dalexan earned 0 total points
ID: 40458178
0
 
LVL 75

Assisted Solution

by:käµfm³d 👽
käµfm³d   👽 earned 2000 total points
ID: 40458199
As far as I can tell, the above is what you need. The only other thing I can suggest would be to use a tool like Fiddler and examine the request that's going out to ensure it is formatted correctly. 500s usually indicate a problem on the server, not the client. You may have to contact PayPal to find out why they are returning 500s in certain scenarios.
0
 

Author Closing Comment

by:Dalexan
ID: 40681926
After speaking with Paypal support there was an issue with our account setup and this feature was not activated or partially activated on our account which was throwing error conditions.
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A theme is a collection of property settings that allow you to define the look of pages and controls, and then apply the look consistently across pages in an application. Themes can be made up of a set of elements: skins, style sheets, images, and o…
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question