Woocommerce + Stripe - TLS 1.0

MoiMM · October 16, 2017, 4:23pm

Hello everyone,

Sorry, i’m french and my english is very bad !

I have start a WP website with woocommerce and add Stripe for CB payments.

the first command with CB was a fail command.

When i go in admin on the command page and i see the the “Command Note” i have this message :

"Stripe no longer supports API requests made with TLS 1.0. Please initiate HTTPS connections with TLS 1.2 or later. You can learn more about this at https://stripe.com/blog/upgrading-tls."
(See screenshot > https://www.evernote.com/l/ACXSTDFSdnFHsY0c9QivZox0ZLffN8WpWboB/image.png)

When i go on Stripe admin to see the API version i have :
“You’re using API version 2017-08-15 - LATEST”
(See the screenshot > https://www.evernote.com/l/ACXI5-xtLlBJZJ--xcNawNjY4DLZ1tIVWgEB/image.png)

I have made a test on ssllabs.com and the website rating is A
https://www.ssllabs.com/ssltest/analyze.html?d=huacos.com

My question … the payment have fail just because the client browser not support TLS 1.2 or it’s another issue ?

Thx for your help.
Best regards,

jmorahan · October 16, 2017, 4:48pm

It’s complaining about API requests. From the description you linked, it seems those are sent from your server, rather than the browser. So you need to make sure that the libraries you’re using to talk to the API are using TLS 1.2. For example maybe you need to update php-curl or openssl or similar packages on your server?

MoiMM · October 16, 2017, 5:30pm

Thx a lot for your answer @jmorahan,

I don’t know if it’s a start of answer, but i have see the Stripe log.

I have 2 log for the command.

first for token and second for charges
screenshot > https://www.evernote.com/l/ACUqofGURkhDR5lDZ7Wrm8cuprGkhsSmqoQB/image.png)

For token that ok … API is latest
screenshot > https://www.evernote.com/l/ACXscJ2OlRFLY79P-dgtAK6DnOKQJTLtBHAB/image.png)

but for charges (5 seconds after) the TLS version is 1.0 ?
(screenshot > https://www.evernote.com/l/ACXAOgd1w6pJpYFgMCA8kycyozzKyAri3bQB/image.png)

I have send a mail to the Stripe Support, i wait their answer.

Best regards,

jmorahan · October 16, 2017, 5:41pm

Right. So if you look closely at the “Source” field, you see that the “tokens” request comes from Chrome, which does support TLS 1.2, so that works fine. The second request, to “charges”, comes from WooCommerce itself. That is, it comes from your server. So your server is not supporting TLS 1.2 for outgoing requests, even though (as you’ve seen from the SSL Labs test) it does support TLS 1.2 for incoming requests.

I’m not familiar with WooCommerce so I don’t know exactly what you need to upgrade to make it work with TLS 1.2 for outgoing requests. I still think curl (or php-curl) and/or openssl are the most likely candidates. Or perhaps WooCommerce itself, or WordPress.

Patches · October 16, 2017, 9:48pm

This is the result of a bug with TLS negotiation in older openssl/php/curl combos.

There is a workaround you can apply to the Stripe plugin’s code at:

Or you could upgrade your operating system, as newer versions of PHP and curl use TLS v1.2 correctly.

MoiMM · October 16, 2017, 10:04pm

Thx a lot @Patches for your answer,

The website use PHP 7 !

I see your link for see i can do this …

Thx a gain !

Patches · October 16, 2017, 11:16pm

It really depends on the curl version.

Maybe php 7 streams do better, but curl is required by this plugin.

MoiMM · October 17, 2017, 8:48am

Thx a lot again @Patches,

I have see my phpinfo… the cUrl is 7.21.0 version !
I wait again a answer of OVH support …

Nice day !

Patches · October 17, 2017, 9:20am

That means they’re still running Debian Squeeze?

That supposedly isn’t supported at all:

https://support.stripe.com/questions/how-do-i-upgrade-my-openssl-to-support-tls-1-2

It appears that you can switch your runtime environment from Legacy to Stable in the OVH control panel to update from Squeeze to Jessie:

This should resolve your issue.

MoiMM · October 17, 2017, 9:48am

Many many many thx @Patches !

I try to switch on Stable version to see if that change something !

MoiMM · October 17, 2017, 10:04am

After switch on Stable mode ... i have test the website with this WP plugin "TLS 1.2 Compatibility Test"

https://wordpress.org/plugins/tls-1-2-compatibility-test/

The plugin say the website is TLS 1.2 Enabled !!!

Now i try with a real payment with Stripe ... but that sound good !

Again big thanks @Patches !

MoiMM · October 17, 2017, 11:23am

Just a last message for say this topic is close !
I have try a Stripe payment and that’s work ! :nada:
… and it’s thanks to the help of @Patches !
Thx a lot !

system · November 16, 2017, 11:23am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.