Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Official PayPal IPN Support Thread


Mark Evans

Recommended Posts

Your key and your certificate can remain the same when you switch between live and sandbox.

 

But, when you switch from live to sandbox you need to switch the PayPal certificate file and the Your PayPal Public Certificate ID.

 

In other words you can upload the same certificate to PayPal's live site that you upload to PayPal's sandbox, but each will issue you a unique PayPal Public Certificate ID. So you have to just switch the number in your PayPal IPN module.

 

Likewise, apparently PayPal doies not use the same public certficate for their live site that they do for their sandbox site.

 

When I switch I also change the PayPals Public Certificate. I keep both in my certificate directory with different names, and just change the file path in the PayPal module when I switch from live to sandbox.

 

I am still stuck! I've tried everything! I am going crazy working on this. What do these errors mean? I don't mean to waste space but I need to advice.

Question does the Private Key & Public Certificate need to be saved in .pem format?

 

PayPal IPN

 

Enable PayPal IPN Module

True

 

E-Mail Address

myaddress.com

 

Transaction Currency

Only USD

 

Payment Zone

--none--

 

Set Preparing Order Status

Preparing [PayPal IPN]

 

Set PayPal Acknowledged Order Status

default

 

Gateway Server

Testing

 

Transaction Type

Per Item

 

Page Style

 

 

Debug E-Mail Address

myaddress.com

 

Sort order of display.

0

 

Enable Encrypted Web Payments

True

 

Your Private Key

/home/mydomain/public_html/mydomain.com.key

 

Your Public Certificate

/home/mydomain/public_html/mydomain.com.crt

 

PayPals Public Certificate

/home/mydomain/public_html/paypal_cert_pem.txt

 

Your PayPal Public Certificate ID

*****************

 

Working Directory

/home/mydomain/public_html/store/temp/

 

OpenSSL Location

/usr/bin/openssl

 

 

 

Warning: fopen(/home/mydomain/public_html/store/temp//604312-6-data.txt): failed to open stream: Permission denied in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 349

 

Warning: fwrite(): supplied argument is not a valid stream resource in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 350

 

Warning: fclose(): supplied argument is not a valid stream resource in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 351

 

Warning: openssl_pkcs7_sign(): error opening input file /home/mydomain/public_html/store/temp//604312-6-data.txt! in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 356

 

Warning: unlink(/home/mydomain/public_html/store/temp//604312-6-data.txt): No such file or directory in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 358

 

Warning: file_get_contents(/home/mydomain/public_html/store/temp//604312-6-signed.txt): failed to open stream: No such file or directory in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 361

 

Warning: fopen(/home/mydomain/public_html/store/temp//604312-6-signed.txt): failed to open stream: Permission denied in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 365

 

Warning: fwrite(): supplied argument is not a valid stream resource in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 366

 

Warning: fclose(): supplied argument is not a valid stream resource in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 367

 

Warning: unlink(/home/mydomain/public_html/store/temp//604312-6-signed.txt): No such file or directory in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 373

 

Warning: file_get_contents(/home/mydomain/public_html/store/temp//604312-6-encrypted.txt): failed to open stream: No such file or directory in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 376

 

Warning: unlink(/home/mydomain/public_html/store/temp//604312-6-encrypted.txt): No such file or directory in /home/mydomain/public_html/ecommerce/os/catalog/includes/modules/payment/paypal_ipn.php on line 380

Link to comment
Share on other sites

the pem format is what is inside the file, it does not have to be named with a .pem extension. The names you are using are ok.

Rik Rasmussen

Link to comment
Share on other sites

is your temp directory in the wrong place?

 

Look at the location in those error messages.

 

My temp is in my catalog directory.

Edited by RikR

Rik Rasmussen

Link to comment
Share on other sites

is your temp directory in the wrong place?

 

Look at the location in those error messages.

 

My temp is in my catalog directory.

 

I create a temp (directory) in my catalog directory. My temp is just a directory we create in our file manager correct?

 

Is there anything in the ipn.php file we need to change?

 

I am just brainstorming right now.

 

Thanks!

Link to comment
Share on other sites

Your key and your certificate can remain the same when you switch between live and sandbox.

 

But, when you switch from live to sandbox you need to switch the PayPal certificate file and the Your PayPal Public Certificate ID.

 

In other words you can upload the same certificate to PayPal's live site that you upload to PayPal's sandbox, but each will issue you a unique PayPal Public Certificate ID. So you have to just switch the number in your PayPal IPN module.

 

Likewise, apparently PayPal doies not use the same public certficate for their live site that they do for their sandbox site.

 

When I switch I also change the PayPals Public Certificate. I keep both in my certificate directory with different names, and just change the file path in the PayPal module when I switch from live to sandbox.

 

Ok, I switched back to the sandbox for testing. I'm not getting the errors on my page(s) anymore, but I'm receiving the following when sent on paypal:

 

Error Detected

--------------------------------------------------------------------------------

The email address for the business is not present in the encrypted blob. Please contact your merchant.

 

I've tried just about everything I can think of...

1) I've deleted and recreated ALL crt's & keys using the primary email address on the PayPal Account, the secondary, etc, resubmitted to paypal and recieved ID & crts from them. Tried to place an order & I still get the same error, over and over and over.

2) I've submitted a support ticket to paypal. I still haven't heard anything from that tho.

 

Is there anyone else that is using a shared SSL from their host? Could the "email blob" response be because it's a shared SSL with their email addy in it?? I really can't afford to purchase my own. I've priced them and $2,000+ is just a bit to much for an unemployed student to put out! I checked freessl.com and their "free" is only free for 30 days! So...

 

1) Does OpenSSL "generate" crts & keys? My host uses cURL or something like that I think from CPanel (I've tried sending an email to support@myhost, they are not the greatest.

2) How would I "install" OpenSSL on my site? The directions/instructions on openssl aren't very clear for a newbie like me.

3) Would this or could this, even possibly solve my problem?

 

Thanks!

Link to comment
Share on other sites

Are you sure you have put the correct email address in the PayPal IPN module for your PayPal account?

 

I paid $55 for my ssl, my host installed it for me. I did also have to pay a little more for a dedicated IP address.

 

How did you decide it would cost $2,000?

Rik Rasmussen

Link to comment
Share on other sites

Are you sure you have put the correct email address in the PayPal IPN module for your PayPal account?

 

I paid $55 for my ssl, my host installed it for me. I did also have to pay a little more for a dedicated IP address.

 

How did you decide it would cost $2,000?

 

The email address used in the PPIPN is NOT the primary email address for the Pay Pal account. It's an additonal, or secondary, email address. Does the email address have to be the primary? When logged in to PayPal under Profile>Account Information>Email "[email protected]" is not listed as primary, does it need to be??

 

Cost(s) of ssl... I checked on verisign among other.... and they were quite expensive and we don't have a dedicated IP address either. Would this make a difference?

Link to comment
Share on other sites

I'm having a problem where orders are marked as "Preparing [Pay Pal IPN]" when customers checkout, but it is not marking them as paid once they complete the process. I have verified this myself by completing some orders myself.

 

Any ideas? These are my settings:

 

PayPal IPN

 

Enable PayPal IPN Module

True

 

E-Mail Address

[email protected]

 

Transaction Currency

Selected Currency

 

Payment Zone

--none--

 

Set Preparing Order Status

[PayPal] Started

 

Set PayPal Acknowledged Order Status

[PayPal] Completed

 

Gateway Server

Live

 

Transaction Type

Per Item

 

Page Style

 

 

Debug E-Mail Address

[email protected]

 

Sort order of display.

0

 

Enable Encrypted Web Payments

False

 

Your Private Key

 

 

Your Public Certificate

 

 

PayPals Public Certificate

 

 

Your PayPal Public Certificate ID

 

 

Working Directory

 

 

OpenSSL Location

/usr/bin/openssl

Link to comment
Share on other sites

There have been a lot of times recently when PayPal IPNs have been very delayed. Give it an hour or two and see if the status changes.

Rik Rasmussen

Link to comment
Share on other sites

The email address used in the PPIPN is NOT the primary email address for the Pay Pal account.  It's an additonal, or secondary, email address.  Does the email address have to be the primary?  When logged in to PayPal under Profile>Account Information>Email "[email protected]" is not listed as primary, does it need to be??

 

Cost(s) of ssl...  I checked on verisign among other.... and they were quite expensive and we don't have a dedicated IP address either.  Would this make a difference?

 

 

Either email address should work.

 

Shop around for the SSL. You probably do not need the most expensive.

 

Places like GoDaddy run about $55.00 (might have been for two years, I forget) for a "turbo" level. That is what I have and it works fine.

 

Just copied this from my receipt:

 

QTY ITEM PRICE 1 Turbo SSL (2 Years) 55.90

Rik Rasmussen

Link to comment
Share on other sites

Either email address should work.

 

Shop around for the SSL. You probably do not need the most expensive.

 

Places like GoDaddy run about $55.00 (might have been for two years, I forget) for a "turbo" level. That is what I have and it works fine.

 

Just copied this from my receipt:

 

QTY ITEM PRICE 1 Turbo SSL (2 Years) 55.90

 

Rik,

To say we're "disgruntled" with our host would be an understatement at the moment. We've decided to move. You stated that your SSL is through goDaddy.com. Is this where you host your site? Since we've been having so many problems with them, we've done some research and have found that the issue is with out hosting service, no OSCommerce or PayPal. Any recommendations?

Thanks

Link to comment
Share on other sites

Rik,

To say we're "disgruntled" with our host would be an understatement at the moment.  We've decided to move.  You stated that your SSL is through goDaddy.com.  Is this where you host your site?  Since we've been having so many problems with them, we've done some research and have found that the issue is with out hosting service, no OSCommerce or PayPal.  Any recommendations?

Thanks

 

Couldn't help but notice your plight, and I thought I'd chime in with an unsolicited solution:

 

The company I host with, WebzPro, has been EXCELLENT in every facet of our requirements for a client's osC customization. We have a reseller plan through them for $29.95/mo + $3.00 for a dedicated IP (needed for a bug-free SSL installation with regards to osC). I think we purchased an SSL cert through them (via GeoTrust) for around $50/year. They installed it for us and made everything work flawlessly. I've had a lot of web hosts during the duration of my company's web development company, and I will never have another one again. These guys go beyond the extra mile to make sure everything runs smoothly for you. Their response time for support inquiries is usually less than 10 minutes. They've even helped us with some of the osC bumps and bruises we've run into during our customization. You won't be disappointed - enough said.

cxdi_logo_100x45.gif
Link to comment
Share on other sites

Rik,

To say we're "disgruntled" with our host would be an understatement at the moment.  We've decided to move.  You stated that your SSL is through goDaddy.com.  Is this where you host your site?  Since we've been having so many problems with them, we've done some research and have found that the issue is with out hosting service, no OSCommerce or PayPal.  Any recommendations?

Thanks

 

Rik,

 

After doing a little research I am seriously considering an SSL through godaddy.com. To make sure I have this correct godaddy.com gives

both the private key & public key after we submit a csr.

We download it into our webserver create the absolute paths along with paypal's

text file and it should be good to go?

Link to comment
Share on other sites

Hi all,

 

I have installed the paypal_ipn contribution. It all seems to work fine until the pay button is clicked on the paypal web site. Am getting a message saying that the paypal session has expired and need to fill in the details again. As it took only a 2 minutes to add the details it is perplexing what the cause of the problem is. Does anyone have any ideas?

 

Thanks

Link to comment
Share on other sites

Couldn't help but notice your plight, and I thought I'd chime in with an unsolicited solution:

 

The company I host with, WebzPro, has been EXCELLENT in every facet of our requirements for a client's osC customization. We have a reseller plan through them for $29.95/mo + $3.00 for a dedicated IP (needed for a bug-free SSL installation with regards to osC). I think we purchased an SSL cert through them (via GeoTrust) for around $50/year. They installed it for us and made everything work flawlessly. I've had a lot of web hosts during the duration of my company's web development company, and I will never have another one again. These guys go beyond the extra mile to make sure everything runs smoothly for you. Their response time for support inquiries is usually less than 10 minutes. They've even helped us with some of the osC bumps and bruises we've run into during our customization. You won't be disappointed - enough said.

 

:) Thanks for the referral!!! We've switched to WebzPro! Definately looks like the way to go and after speaking with the owner directly, he addressed all of my concerns and then some! I'm impressed and will be moving the remainder of my sites to WebzPro! B)

Link to comment
Share on other sites

WVSailor,

 

Glad to hear you have found a good host.

 

I actually purchased my SSL from my host, but they resell for GoDaddy. Your host may also give you "one stop shopping" and handle the install for you.

 

I do not use my "paid for" SSL on my PayPal encryption. I had it installed for the SSL of my osC site.

 

I am using a key and cert I created on the host's cPanel for my PayPal encryption. I did that before I bought the SSL for the rest of the site.

 

I suppose the same key and cert could be used for both.

Rik Rasmussen

Link to comment
Share on other sites

Rik,

 

After doing a little research I am seriously considering an SSL through godaddy.com.  To make sure I have this correct godaddy.com gives

both the private key & public key after we submit a csr.

We download it into our webserver create the absolute paths along with paypal's

text file and it should be good to go?

 

 

I would get with your host service about the installation of the SSL.

Rik Rasmussen

Link to comment
Share on other sites

Hi all,

 

I have installed the paypal_ipn contribution.  It all seems to work fine until the pay button is clicked on the paypal web site. Am getting a message saying that the paypal session has expired and need to fill in the details again. As it took only a 2 minutes to add the details it is perplexing what the cause of the problem is. Does anyone have any ideas?

 

Thanks

 

 

I have not seen that problem, but since it is a PayPal issue, all you can probably do is report it to Paypal. Probably a temporary problem. Test it again later.

 

I did not see anything about it in the PayPal forum:

 

PayPal Forum: General IPN Questions

 

http://www.paypaldev.org/forum.asp?FORUM_ID=10

Rik Rasmussen

Link to comment
Share on other sites

:) Thanks for the referral!!!  We've switched to WebzPro!  Definately looks like the way to go and after speaking with the owner directly, he addressed all of my concerns and then some!  I'm impressed and will be moving the remainder of my sites to WebzPro!  B)

 

Glad I could help. You're going to be very happy with your choice! Yeah, I was sold once the CEO of the company contacted me personally to help setup my account - that's pretty much unheard of. They'll get you setup w/ SSL in no time, too.

cxdi_logo_100x45.gif
Link to comment
Share on other sites

Glad I could help. You're going to be very happy with your choice! Yeah, I was sold once the CEO of the company contacted me personally to help setup my account - that's pretty much unheard of. They'll get you setup w/ SSL in no time, too.

 

I called to ask a couple of questions and ended up speaking with him too. To say that I'm impressed with their service would be an understatement! My site was setup, dedicated IP address, SSL and all in less than 24 hours! I'm working on the "tweaks" now and will be testing the PP IPN this evening! Again, THANK YOU!

Link to comment
Share on other sites

Problem:

 

Customer puts item in cart, checks out, gets to confirm order page and edits shipping address to add an additional address.

 

New secondary address is saved to customer's account and appears there later along with original primary address.

 

However, if customer views orders, the order is associated with the original primary shipping address, not the new address specified during check-out.

 

Also, the order, as seen in Admin/Orders, has the original default shipping address, not the new address entered and selected during checkout.

 

Obviously, the defeats the feature of being able to add additional shipping addresses.

 

 

Confirmed by two different osC store owners using the osC PayPal IPN module.

 

 

Question:

Is this a fault of basic osC, or is it a problem related to the osC PayPal IPN module.

 

Can anyone confirm if this same issue can be duplicated with a different payment module?

 

Is there any chance this might be corrected?

Edited by RikR

Rik Rasmussen

Link to comment
Share on other sites

A follow up to my message above about customer changing shipping address during checkout.

 

If at the first opportunity to select a different shipping address (or create one) the customer makes that choice , then completes the checkout/confirm process, the order is saved with the alternate shipping address.

 

It appears that if the customer makes this decision after reaching the confirm order page, the die is cast, the Paypal IPN module saves the order to the database as soon as the confirm order page is seen. At that point, what ever shipping address was being used is saved with the order, making a shipping address change after seeing the confirm order page, is too late.

 

Anyone have a suggestion on how the customer might bealerted to this behavior of the program to avoid them wrongly believing they have changed the shipping address?

Rik Rasmussen

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...