Redsys is the standard VISA payment method in Catalonia and Spain. They do not accept SNI and therefore payments do not work as expected with Letsencrypt SNI Certificates.
The error in prestashop is odd. The transaction is made but redsys fails to inform prestashop back, so you finish having some money in your account you don’t know were it came from.
If you are lucky enough, you can look at your website last customers and shopping carts and guess who bout what, but if your customer changed it’s shopping cart after buying… well, you’ll have to guess who bought what.
Anyway, It is my understanding that when our shop server starts the conversation it uses proper certificates, but when Redsys starts the conversation back, it uses old XP/Java code that do not use SNI and then the certificat used by the server is the one you have as default by the IP given.
I found no way to assign a letsencrypt certificate to an IP in Plesk. For whatever reason you cannot use your web certificates as IP certificates in plesk.
Yet, I discovered that, if you use a default website in a IP, the certificate from that website comes first that the default certificate of the IP.
So, in theory that should solve the problem.
Tip: Support people from CaixaBank has given me a document pdf, version 1.29 and dated on february 2016 that says that Letsencrypt is not accepted as a valid certificate agency. Yet there is a newer version of the same document (dated in april 2016 if i am not wrong) were Letsencrypt is in the list.
In fact they stay in their info that the certificate must be installed at IP level (true) but it does not have to have SNI. I do thing this statement is wrong.
Very professional. Very professional.