Jump to content

Welcome, Guest!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

veganline

Recommended PHP parameters Could not make a secure connection with PayPal. Your store might not be able to process payments.

Recommended Posts

I'm installing and get the error message "Recommended PHP parameters Could not make a secure connection with PayPal. Your store might not be able to process payments." as on the screen shot.

I don't want to use the paypal module but can't see how to remove it at this point or make it work.

I have checked php settings to match suggested ones on a small server that managed to host prestashop 1.6.

The secure server is from cloudflare.

How can I carry-on installing? - answers appreciated.

Untitled.jpg

  • Like 1

Share this post


Link to post
Share on other sites

Unfortunately PayPal killed the domain that was used to test for TLS 1.2 compatibility. Why they did this is a mystery but it means the TLS 1.2 test will always fail.

You can test for TLS 1.2 compatibility from the shell with this command:

openssl s_client -connect google.com:443 -tls1_2

If you get a successful connection to Google from the command line with that command then TLS 1.2 is working.

Unfortunately this still won't help with the PayPal test, it will always show as failed. You can edit the /modules/paypal/paypal.php file to force it to always return OK though. Starting on line 401 of the paypal.php file:

comment out these lines by adding // at the start of each line:

        $response = $guzzle->get('https://tlstest.paypal.com/');

        if ((string) $response->getBody() === 'PayPal_Connection_OK') {
            $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_OK);
        } else {
            $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_ERROR);
        }

 

Then you want to add this line:

$this->updateAllValue(static::TLS_OK, static::ENUM_TLS_OK);

 

You can make a blank line if you like or just put it on line # 402. My tlsCheck function looks like this:

    protected function tlsCheck()
    {
        $guzzle = new \GuzzleHttp\Client(
            [
                'timeout'     => 10.0,
                'verify'      => _PS_TOOL_DIR_.'cacert.pem',
                'http_errors' => false,
            ]
        );
        
        $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_OK);
        
        //$response = $guzzle->get('https://tlstest.paypal.com/');

        //if ((string) $response->getBody() === 'PayPal_Connection_OK') {
        //    $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_OK);
        //} else {
        //    $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_ERROR);
        //}
    }

 

Once you have this done when you click on the "Check for TLS v1.2 support" button in the PayPal module it will ALWAYS tell you that TLS 1.2 is supported, even if it is not. That is why you have to manually check if TLS 1.2 is supported using the shell command I listed at the start.

Share this post


Link to post
Share on other sites
4 hours ago, veganline said:

How can I carry-on installing? - answers appreciated.

You don't have to do anything at this point, just click on Next. Once you get TB installed you can follow my directions above.

This isn't a TB-specific problem. Everyone used the same PayPal server to test TLS 1.2 compatibility (it was designed for it) and then PayPal just decided to take the server down. Thanks PayPal.

Share this post


Link to post
Share on other sites

Thanks Dyambee!
I'm still stuck on the detail although I'm sure that's part of the problem.

If I click "next", nothing happens.

If I search the TB1.1 files for "paypal", I find nothing relevant - no paypal module in the modules folder for example.

All ideas welcome.Untitled.thumb.jpg.d975ce5d2b1b26ca06ad3fd8a743d2df.jpg

Share this post


Link to post
Share on other sites

That's odd. I installed TB 1.1 earlier today and was able to get it installed even with that error. Maybe click the "refresh these settings" button once and then click Next?

Edit: The PayPal module changes happen after the system is installed and after you have installed the PayPal module.

Edited by dynambee

Share this post


Link to post
Share on other sites

I should post in the installation forum. Yes; it's the "Refresh" that doesn't work for me. As it is, I press refresh and the page code still says <input id="btNext" class="button little disabled" type="submit" name="submitNext" value="Next" disabled="disabled" />

temporary link

Edited by veganline
temporary link

Share this post


Link to post
Share on other sites

After digging around a bit I think the test code is in the /classes/ConfigurationTest.php file.

Starting from line 324 is function testTlsv12():

    public static function testTlsv12()
    {
        $guzzle = new GuzzleHttp\Client([
            'verify'  => _PS_TOOL_DIR_.'cacert.pem',
            'timeout' => 20,
        ]);

        $success = false;
        try {
            $response = $guzzle->get('https://tlstest.paypal.com/');
            $success = (string) $response->getBody() === 'PayPal_Connection_OK';
        } catch (Exception $e) {
        }

        return $success;
    }

 

Change it as follows:

    public static function testTlsv12()
    {
        $success = true;

        return $success;
    }

This will force the test to pass regardless of if your server is compatible with TLS 1.2 or not. Later, after installing the PayPal module, you will need to follow the directions in my first reply to check if you have TLS 1.2 compatibility and then disable the PayPal module TLS test as well.

Share this post


Link to post
Share on other sites

So PayPal is working fine and I have TLS v1.2 support on my server.

I updated TB to 1.1.0

I'm presuming it's OK to ignore the configuration warning in Advanced Parameters: Install TLS v1.2 support on your server.
Test result: fail

 

 

Share this post


Link to post
Share on other sites
6 hours ago, basix101 said:

I'm presuming it's OK to ignore the configuration warning in Advanced Parameters: Install TLS v1.2 support on your server.

Yes, you can ignore the error if you are confident that your server supports TLS v1.2.

The error happens because PayPal used to provide a TLS test server (tlstest.paypal.com) but they no longer do. The DNS record for that URL no longer exists and any test that relies on that URL will automatically fail, regardless of the actual server configuration.

  • Like 1

Share this post


Link to post
Share on other sites

Thirtybees on my server doesn't allow this on a first install. I spent a day digging after following the instructions above, which are great, but there is some other layer of security that I can't fool; I can get rid of the bottom half of the error message, but the top half remains and the "next" button is still disabled. I got error reporting started, but messed up somehow because the error_log report stopped but I can always start the install from scratch again. Maybe I should because the results are quite precise. Different work-around got line 166 or 168 in results like this:

PHP Warning:  call_user_func_array() expects parameter 1 to be a valid callback, class 'ConfigurationTest' does not have a method 'testTlsv12' in /home/veganlin/public_html/x/classes/ConfigurationTest.php on line 168
So I need to fool the code into thinking that a proper test has been done, or find some other way to stop it disabling the "next" button. Any help appreciated as I am probably too old to return the favor in bed cheers john PS Experimenting, I somehow got another error message that looked quite helpful, once. If I knew how to get more like this I could probably solve the problem myself. I don't remember what experiment it refers to, but it goes like this: [27-Sep-2019 18:03:06 UTC] PHP Fatal error:  Uncaught Error: Call to undefined method InstallModelSystem::checkOptionalTests() in /home/veganlin/public_html/x/install/controllers/http/system.php:83 Stack trace: #0 /home/veganlin/public_html/x/install/classes/controllerHttp.php(197): InstallControllerHttpSystem->display() #1 /home/veganlin/public_html/x/install/trystart.php(34): InstallControllerHttp::execute() #2 /home/veganlin/public_html/x/install/index.php(56): require_once('/home/veganlin/...') #3 {main}   thrown in /home/veganlin/public_html/x/install/controllers/http/system.php on line 83 [![Untitled.jpg](//forum.thirtybees.com/applications/core/interface/js/spacer.png)](https://forum.thirtybees.com/uploads/monthly_2019_09/Untitled.jpg.59760fda0ceb56b2ed379b02a00905a2.jpg)

Untitled.jpg

Edited by veganline
added strange error message

Share this post


Link to post
Share on other sites
33 minutes ago, veganline said:

Thirtybees on my server doesn't allow this on a first install. I spent a day digging after following the instructions above, which are great, but there is some other layer of security that I can't fool; I can get rid of the bottom half of the error message, but the top half remains and the "next" button is still disabled. I got error reporting started, but messed up somehow because the error_log report stopped but I can always start the install from scratch again. Maybe I should because the results are quite precise. Different work-around got line 166 or 168 in results like this:

Was this after following the second set of instructions I provided, the ones in this comment?

If so then I don't know how to advise. @lesley, this seems to be something that needs to be rectified in a new release soon if it is blocking people from installing TB.

  • Like 1

Share this post


Link to post
Share on other sites

Try going one level higher: 

\classes\ConfigurationTest.php from line 75 and further

There you find the functions getDefaultTests() and getDefaultTestsOp()

In my installation 'Tlsv12' is in getDefaultTestsOp() and not run at all. Anyway, just delete it from both.

Share this post


Link to post
Share on other sites
16 hours ago, musicmaster said:

ConfigurationTest.php

Thanks for the idea! Same result though: if I comment out line 128
// 'Tlsv12'          => false,
I get the same result as when I put-in the fake test result, which is "please correct the errors below" but no errors.

Oddly enough the code mentions this being an optional test.
Is there any way I can learn more about diagnosing and bug-checking?
It looks as though something other than the Tlsv12 test is not working, maybe on my server.

Edited by veganline
grammar

Share this post


Link to post
Share on other sites

Where do you want to install it ? on a dedicated server ? which OS and wich version ? Also wich version of mysql and php do you use ?

a simple file containing the next code will tell you all of that.
 

<?php

phpinfo();

?>

 

Share this post


Link to post
Share on other sites

Temporary link to the full detail

Apache Version 2.4.41
PHP Version 7.3.8 Set to 7.1.31 for compatibility
MySQL Version 10.0.38-MariaDB
Architecture x86_64
Operating System linux

"Our servers run the latest, stable MySQL server, version 5"
https://www.xilo.net/shared_web_hosting/ (it's a very fast service if it works, by the way; otherwise similar to others and with Installatron that doesn't install TB)


Shared server tested for size on previous test Prestashop 1.6 versions, which ran into file permission problems and kept trying to lock me out so I decided to move to thirtybees.  

Tested past the system compatibility stage for the PS1.6 and  1.7 installer except "cannot open external urls" on 1.6. Not tested on the database.

Thanks for the idea. I'll look for incompatibilities.

Edited by veganline
PS1.7 result / Mysql blurb / xilo reference

Share this post


Link to post
Share on other sites

Your error message was:

Quote

Uncaught Error: Call to undefined method InstallModelSystem::checkOptionalTests() 

This function checkOptionalTests() is in the file install/models/system.php. Can you have a check whether it is indeed there on your system?

 

Share this post


Link to post
Share on other sites

It's there as new, but in the course of digging I might have tried deleting lines 54-7:
//    public function checkOptionalTests()
//    {
//        return self::checkTests(ConfigurationTest::getDefaultTestsOp());
//    }

so I tried doing that again and got a long error message with stack trace errors that looks familiar. If I restore those lines, I get the usual error screen with the greyed-out "next" button, "please...errors below" and no errors shown

Thanks for the idea and for your help 

Share this post


Link to post
Share on other sites

This should force the optional tests to return as OK, regardless of if any of them are not okay or not:

    public function checkOptionalTests()
    {
        return 'success';
    }

The optional checks test for GZIP being enabled for faster web serving and to see if TLS 1.2 is enabled. Forcing a return of success will skip these two tests.

 

 

 

Share this post


Link to post
Share on other sites
Posted (edited)

Solved! (or identified and worked-around)
The optional error messages were a distraction from versions 1.08 and 1.1 not installing where version 1.07 does, as in the thread below, for reasons unknown. Thanks for everybody who has spent time on this and made suggestions. I suppose further solutions belong in that thread.

 

Edited by veganline
format / bold underline on results

Share this post


Link to post
Share on other sites

Got it. @veganline kindly gave me access to the server.

The TLSv1.2 message is a red herring. Test fails, but it's an optional test, which doesn't prohibit installation.

Actual issue was a missing error message. The test for ensuring PHP's fopen() takes URLs failed, but didn't report an error, because there is no matching error message. Setting allow_url_fopen in php.ini to 1 should allow installation. And I'll add the missing error message to the sources, of course.

Share this post


Link to post
Share on other sites
11 hours ago, Traumflug said:

The TLSv1.2 message is a red herring. Test fails, but it's an optional test, which doesn't prohibit installation.

Actual issue was a missing error message. The test for ensuring PHP's fopen() takes URLs failed, but didn't report an error, because there is no matching error message. Setting allow_url_fopen in php.ini to 1 should allow installation. And I'll add the missing error message to the sources, of course.

Nice catch.

I was wondering whether it wouldn't be possible to centralize the test information. Now we have

 - ConfigurationTest.php listing the tests that need to be done and doing the tests. 

 - AdminInformationController.php for the error messages in an active shop

 - install/controllers/http/system.php for the error messages during installation

It was this complexity that made this problem so hard to solve.

Wouldn't it be possible to centralize everything in ConfigurationTest.php. For example by having a more complex array of tests that includes the error messages?

Share this post


Link to post
Share on other sites
12 hours ago, Traumflug said:

Actual issue was a missing error message. The test for ensuring PHP's fopen() takes URLs failed, but didn't report an error, because there is no matching error message. Setting allow_url_fopen in php.ini to 1 should allow installation. And I'll add the missing error message to the sources, of course.

That makes a lot more sense, and explains why I could install with that error displayed but OP could not.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...