Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

Problem using Sage Pay Server 1.2 on new installation of osC


Recommended Posts

I have version of osC installed that has pretty much zero modifications made to it as of yet, just a few configuration changes to tax zones and shipping methods etc.

My plan is to try and get pretty much most of the functionality working before transferring the contents of my old DB from an 2.2 MS1 install that has been running successfully for several years now.

So right now I am trying to get the payment systems working, the standard install of paypal has been tested and is working just fine. I have downloaded and updated the Sage Pay Server module to version 1.2 and have installed this into v2.3.3.4.

I have an account with Sage Pay as this is what I use with my old live installation of osC MS1, so have been able to enter all of the correct account settings in Sage Pay Server 1.2

I am using the 'Normal' setting so as to transfer my customers over the to the Sage Pay website to enter their card data rather than doing this on my website.

Now, when I make a test transaction I am transferred to the Sage Pay website, I enter my card details, I go through 3D secure authentication, all looks well until I am returned to the checkout_payment.php page with an error as below


"Please try again and if problems persist, please try another payment method."


So I log in to 'My Sage Pay' to see what has happened according to Sage Pay. What I see here is a failed transaction with the following message:


"Transaction Summary

Transaction completed but Vendor systems returned INVALID or ERROR in response to notification POST. Transaction CANCELLED by the Vendor."


When I google the above error message from Sage Pay, I have read the following information on a forum from Sage Pay support:


"Once a transaction has been for successfully authorised using Server integration we will then send a notification of these results to your Notification URL which must be able to generate the same VPSSignature that we have provided within this post.


Whenever we receive an INVALID or ERROR response it indicates that your server is not generating the same MD5 Signature (which incorporates the Security Key that we provided at the initial transaction registration) that we are providing as the VPSSignature.


As this is the final stage of the transaction it will never be registered as a successful payment within My Sage Pay unless we receive a Status of "OK" and a Redirect URL which we will use to pass the customer over to your successful order confirmation page.


Your MD5 Signature should be built up of the following values:


VPSTxId + VendorTxCode + Status + TxAuthNo + VendorName + AVSCV2 + SecurityKey + AddressResult + PostCodeResult + CV2Result + GiftAid + 3DSecureStatus + CAVV + AddressStatus +

PayerStatus + CardType + Last4Digits


Even though the transaction has been authorised by the customers card-issuing bank you should never release an order unless the transaction is registered as a successful payment within My Sage Pay and that your server has generated the same MD5 Signature as Sage Pay. By doing this it will confirm that the transaction process has not been tampered with at any stage."


As I have a bog standard install of osC, I guess I was hoping that this module would work 'straight out of the box', but unfortunately it appears not.

I would be very grateful indeed if anybody is able to offer any advice as to where to start with trying to rectify this problem?

Thanks - Paul

Link to comment
Share on other sites

Happy to report that I found a simple solution to this problem :) So for the benefit of anybody else who may have the same issue, solution is as per below.


After reading around the Sage Pay support forums, I found out that the Sagepay 'Vendor log-in Name' MUST be entered in lower case, whereas I had entered it in Upper case.


Having put the Vendor log-in name into lower case in osC admin, all seems to work as it should do, and I have a sucessful test transaction.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...