Recommended PHP parameters Could not make a secure connection with PayPal. Your store might not be able to process payments.

[veganline]

I'm installing and get the error message "Recommended PHP parameters Could not make a secure connection with PayPal. Your store might not be able to process payments." as on the screen shot.

I don't want to use the paypal module but can't see how to remove it at this point or make it work.

I have checked php settings to match suggested ones on a small server that managed to host prestashop 1.6.

The secure server is from cloudflare.

How can I carry-on installing? - answers appreciated.

[dynambee]

Unfortunately PayPal killed the domain that was used to test for TLS 1.2 compatibility. Why they did this is a mystery but it means the TLS 1.2 test will always fail.

You can test for TLS 1.2 compatibility from the shell with this command:

openssl s_client -connect google.com:443 -tls1_2

If you get a successful connection to Google from the command line with that command then TLS 1.2 is working.

Unfortunately this still won't help with the PayPal test, it will always show as failed. You can edit the /modules/paypal/paypal.php file to force it to always return OK though. Starting on line 401 of the paypal.php file:

comment out these lines by adding // at the start of each line:

        $response = $guzzle->get('https://tlstest.paypal.com/');

        if ((string) $response->getBody() === 'PayPal_Connection_OK') {
            $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_OK);
        } else {
            $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_ERROR);
        }

 

Then you want to add this line:

$this->updateAllValue(static::TLS_OK, static::ENUM_TLS_OK);

 

You can make a blank line if you like or just put it on line # 402. My tlsCheck function looks like this:

    protected function tlsCheck()
    {
        $guzzle = new \GuzzleHttp\Client(
            [
                'timeout'     => 10.0,
                'verify'      => _PS_TOOL_DIR_.'cacert.pem',
                'http_errors' => false,
            ]
        );
        
        $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_OK);
        
        //$response = $guzzle->get('https://tlstest.paypal.com/');

        //if ((string) $response->getBody() === 'PayPal_Connection_OK') {
        //    $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_OK);
        //} else {
        //    $this->updateAllValue(static::TLS_OK, static::ENUM_TLS_ERROR);
        //}
    }

 

Once you have this done when you click on the "Check for TLS v1.2 support" button in the PayPal module it will ALWAYS tell you that TLS 1.2 is supported, even if it is not. That is why you have to manually check if TLS 1.2 is supported using the shell command I listed at the start.

[dynambee]

4 hours ago, veganline said:

How can I carry-on installing? - answers appreciated.

You don't have to do anything at this point, just click on Next. Once you get TB installed you can follow my directions above.

This isn't a TB-specific problem. Everyone used the same PayPal server to test TLS 1.2 compatibility (it was designed for it) and then PayPal just decided to take the server down. Thanks PayPal.

[veganline]

Thanks Dyambee!
I'm still stuck on the detail although I'm sure that's part of the problem.

If I click "next", nothing happens.

If I search the TB1.1 files for "paypal", I find nothing relevant - no paypal module in the modules folder for example.

All ideas welcome.

[dynambee]

That's odd. I installed TB 1.1 earlier today and was able to get it installed even with that error. Maybe click the "refresh these settings" button once and then click Next?

Edit: The PayPal module changes happen after the system is installed and after you have installed the PayPal module.

Edited September 26, 2019 by dynambee

[veganline]

I should post in the installation forum. Yes; it's the "Refresh" that doesn't work for me. As it is, I press refresh and the page code still says <input id="btNext" class="button little disabled" type="submit" name="submitNext" value="Next" disabled="disabled" />

temporary link

Edited September 26, 2019 by veganline
temporary link

[dynambee]

After digging around a bit I think the test code is in the /classes/ConfigurationTest.php file.

Starting from line 324 is function testTlsv12():

    public static function testTlsv12()
    {
        $guzzle = new GuzzleHttp\Client([
            'verify'  => _PS_TOOL_DIR_.'cacert.pem',
            'timeout' => 20,
        ]);

        $success = false;
        try {
            $response = $guzzle->get('https://tlstest.paypal.com/');
            $success = (string) $response->getBody() === 'PayPal_Connection_OK';
        } catch (Exception $e) {
        }

        return $success;
    }

 

Change it as follows:

    public static function testTlsv12()
    {
        $success = true;

        return $success;
    }

This will force the test to pass regardless of if your server is compatible with TLS 1.2 or not. Later, after installing the PayPal module, you will need to follow the directions in my first reply to check if you have TLS 1.2 compatibility and then disable the PayPal module TLS test as well.

[basix101]

So PayPal is working fine and I have TLS v1.2 support on my server.

I updated TB to 1.1.0

I'm presuming it's OK to ignore the configuration warning in Advanced Parameters: Install TLS v1.2 support on your server.
Test result: fail

 

 

[dynambee]

6 hours ago, basix101 said:

I'm presuming it's OK to ignore the configuration warning in Advanced Parameters: Install TLS v1.2 support on your server.

Yes, you can ignore the error if you are confident that your server supports TLS v1.2.

The error happens because PayPal used to provide a TLS test server (tlstest.paypal.com) but they no longer do. The DNS record for that URL no longer exists and any test that relies on that URL will automatically fail, regardless of the actual server configuration.

[basix101]

Whew, great, Thank you...

 

[veganline]

Thirtybees on my server doesn't allow this on a first install. I spent a day digging after following the instructions above, which are great, but there is some other layer of security that I can't fool; I can get rid of the bottom half of the error message, but the top half remains and the "next" button is still disabled. I got error reporting started, but messed up somehow because the error_log report stopped but I can always start the install from scratch again. Maybe I should because the results are quite precise. Different work-around got line 166 or 168 in results like this:

PHP Warning:  call_user_func_array() expects parameter 1 to be a valid callback, class 'ConfigurationTest' does not have a method 'testTlsv12' in /home/veganlin/public_html/x/classes/ConfigurationTest.php on line 168

So I need to fool the code into thinking that a proper test has been done, or find some other way to stop it disabling the "next" button. Any help appreciated as I am probably too old to return the favor in bed cheers john PS Experimenting, I somehow got another error message that looked quite helpful, once. If I knew how to get more like this I could probably solve the problem myself. I don't remember what experiment it refers to, but it goes like this: [27-Sep-2019 18:03:06 UTC] PHP Fatal error:  Uncaught Error: Call to undefined method InstallModelSystem::checkOptionalTests() in /home/veganlin/public_html/x/install/controllers/http/system.php:83 Stack trace: #0 /home/veganlin/public_html/x/install/classes/controllerHttp.php(197): InstallControllerHttpSystem->display() #1 /home/veganlin/public_html/x/install/trystart.php(34): InstallControllerHttp::execute() #2 /home/veganlin/public_html/x/install/index.php(56): require_once('/home/veganlin/...') #3 {main}   thrown in /home/veganlin/public_html/x/install/controllers/http/system.php on line 83 [](https://forum.thirtybees.com/uploads/monthly_2019_09/Untitled.jpg.59760fda0ceb56b2ed379b02a00905a2.jpg)

Edited September 29, 2019 by veganline
added strange error message

[dynambee]

33 minutes ago, veganline said:

Thirtybees on my server doesn't allow this on a first install. I spent a day digging after following the instructions above, which are great, but there is some other layer of security that I can't fool; I can get rid of the bottom half of the error message, but the top half remains and the "next" button is still disabled. I got error reporting started, but messed up somehow because the error_log report stopped but I can always start the install from scratch again. Maybe I should because the results are quite precise. Different work-around got line 166 or 168 in results like this:

Was this after following the second set of instructions I provided, the ones in this comment?

If so then I don't know how to advise. @lesley, this seems to be something that needs to be rectified in a new release soon if it is blocking people from installing TB.

[musicmaster]

Try going one level higher: 

\classes\ConfigurationTest.php from line 75 and further

There you find the functions getDefaultTests() and getDefaultTestsOp()

In my installation 'Tlsv12' is in getDefaultTestsOp() and not run at all. Anyway, just delete it from both.

[veganline]

16 hours ago, musicmaster said:

ConfigurationTest.php

Thanks for the idea! Same result though: if I comment out line 128
// 'Tlsv12'          => false,
I get the same result as when I put-in the fake test result, which is "please correct the errors below" but no errors.

Oddly enough the code mentions this being an optional test.
Is there any way I can learn more about diagnosing and bug-checking?
It looks as though something other than the Tlsv12 test is not working, maybe on my server.

Edited September 30, 2019 by veganline
grammar

[zen]

Where do you want to install it ? on a dedicated server ? which OS and wich version ? Also wich version of mysql and php do you use ?

a simple file containing the next code will tell you all of that.
 

<?php

phpinfo();

?>

 

[veganline]

Temporary link to the full detail

Apache Version	2.4.41
PHP Version	7.3.8 Set to 7.1.31 for compatibility
MySQL Version	10.0.38-MariaDB
Architecture	x86_64
Operating System	linux

"Our servers run the latest, stable MySQL server, version 5"

Shared server tested for size on previous test Prestashop 1.6 versions, which ran into file permission problems and kept trying to lock me out so I decided to move to thirtybees.  

Tested past the system compatibility stage for the PS1.6 and  1.7 installer except "cannot open external urls" on 1.6. Not tested on the database.

Thanks for the idea. I'll look for incompatibilities.

Edited May 12, 2021 by veganline
PS1.7 result / Mysql blurb / xilo reference / removed xilo reference because they tried to kidnap my domain and put their price up: not a firm to recommend

[musicmaster]

Your error message was:

Quote

Uncaught Error: Call to undefined method InstallModelSystem::checkOptionalTests() 

This function checkOptionalTests() is in the file install/models/system.php. Can you have a check whether it is indeed there on your system?

 

[veganline]

It's there as new, but in the course of digging I might have tried deleting lines 54-7:
//    public function checkOptionalTests()
//    {
//        return self::checkTests(ConfigurationTest::getDefaultTestsOp());
//    }

so I tried doing that again and got a long error message with stack trace errors that looks familiar. If I restore those lines, I get the usual error screen with the greyed-out "next" button, "please...errors below" and no errors shown

Thanks for the idea and for your help 

[dynambee]

This should force the optional tests to return as OK, regardless of if any of them are not okay or not:

    public function checkOptionalTests()
    {
        return 'success';
    }

The optional checks test for GZIP being enabled for faster web serving and to see if TLS 1.2 is enabled. Forcing a return of success will skip these two tests.

 

 

 

[veganline]

Solved! (or identified and worked-around)
The optional error messages were a distraction from versions 1.08 and 1.1 not installing where version 1.07 does, as in the thread below, for reasons unknown. Thanks for everybody who has spent time on this and made suggestions. I suppose further solutions belong in that thread.

 

Edited October 1, 2019 by veganline
format / bold underline on results

[Traumflug]

Got it. @veganline kindly gave me access to the server.

The TLSv1.2 message is a red herring. Test fails, but it's an optional test, which doesn't prohibit installation.

Actual issue was a missing error message. The test for ensuring PHP's fopen() takes URLs failed, but didn't report an error, because there is no matching error message. Setting allow_url_fopen in php.ini to 1 should allow installation. And I'll add the missing error message to the sources, of course.

[Traumflug]

There were quite a few missing 😳

https://github.com/thirtybees/thirtybees/commit/3ca6967dc8c44badd7e1d8b455320f6660a87b91

[musicmaster]

11 hours ago, Traumflug said:

The TLSv1.2 message is a red herring. Test fails, but it's an optional test, which doesn't prohibit installation.

Actual issue was a missing error message. The test for ensuring PHP's fopen() takes URLs failed, but didn't report an error, because there is no matching error message. Setting allow_url_fopen in php.ini to 1 should allow installation. And I'll add the missing error message to the sources, of course.

Nice catch.

I was wondering whether it wouldn't be possible to centralize the test information. Now we have

 - ConfigurationTest.php listing the tests that need to be done and doing the tests. 

 - AdminInformationController.php for the error messages in an active shop

 - install/controllers/http/system.php for the error messages during installation

It was this complexity that made this problem so hard to solve.

Wouldn't it be possible to centralize everything in ConfigurationTest.php. For example by having a more complex array of tests that includes the error messages?

[dynambee]

12 hours ago, Traumflug said:

Actual issue was a missing error message. The test for ensuring PHP's fopen() takes URLs failed, but didn't report an error, because there is no matching error message. Setting allow_url_fopen in php.ini to 1 should allow installation. And I'll add the missing error message to the sources, of course.

That makes a lot more sense, and explains why I could install with that error displayed but OP could not.

[Acer]

Hi guys

I'm trying to install TB 1.1.0 on a new server, but I'm getting this error (Paypal, can't proceed with Next).
Installed TB 1.1.0 on two other different hosts, and this is the first time I'm seeing this...

Following the instructions to modify ConfigurationTest + Configuration hasn't worked.... 
Can you please share instructions on how to quickly fix this?
As I see there's been a lot of activity on this post - not sure which is the solution / magic bullet?

Thanks

Edited November 24, 2019 by Theo