This error keeps happening on my website every so often. It's been working fine now for about 6 months but now decided to do it again.
I use 1&1 ionos hosting. The website uses asp.net and vb.net for the code. Its an online food delivery website which I set up myself by copying and changing some code that was written for me on another website. That site still works fine and is hosted with a different company so I don't know if it's something with ionos. When a customer orders, the payment clears in my PayPal but it doesn't tell my website that its cleared because the ipn is retrying a HTTP 500 error.
VB CODE TO CALL PAYPAL
Dim paypalURLString As String = "https://www.paypal.com/cgi-bin/webscr?" ' Live
Dim paypalParameterString As New StringBuilder
paypalParameterString.Append("cmd=_xclick&")
paypalParameterString.Append("notify_url=https://bozzafodder.co.uk/IPNListener.aspx&") 'POST address for notification
paypalParameterString.Append("bn=SlikkDesign_BuyNow_WPS_GB&")
paypalParameterString.Append("amount=" & session("total") + 1 + session("deliveryCharge") + ddlTip.SelectedValue & "&")
paypalParameterString.Append("item_name=Food Delivery&")
paypalParameterString.Append("currency_code=GBP&")
paypalParameterString.Append("custom=" & imgBtnPaypal.CommandArgument.ToString & "&")
paypalParameterString.Append("custom=" & order.orderID.ToString & "&")
paypalParameterString.Append("business=E4RYLU66FFE3L&") 'Live
paypalParameterString.Append("paymentaction=sale&")
paypalParameterString.Append("return=https://bozzafodder.co.uk/wait.aspx?orderID=" & order.orderID.ToString & "&")
paypalParameterString.Append("cancel_return=https://bozzafodder.co.uk/placeOrder.aspx?msgID=1&")
paypalParameterString.Append("rm=2&")
paypalParameterString.Append("cbt=Return to bozzafodder.co.uk&")
Dim displayParameters As New StringBuilder
displayParameters.Append("showHostedThankyouPage=false")
Response.Redirect(paypalURLString & paypalParameterString.ToString & displayParameters.ToString)
IPN LISTENER
Protected Sub Page_Load(sender As Object, e As System.EventArgs) Handles Me.Load
'Post back to either sandbox or live
Dim strLive As String = "https://ipnpb.paypal.com/cgi-bin/webscr"
'SSL Error Code
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
Dim req As HttpWebRequest = CType(WebRequest.Create(strLive), HttpWebRequest)
'Set values for the request back
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
Dim Param() As Byte = Request.BinaryRead(HttpContext.Current.Request.ContentLength)
Dim strRequest As String = Encoding.ASCII.GetString(Param)
strRequest = strRequest + "&cmd=_notify-validate"
req.ContentLength = strRequest.Length
'Send the request to PayPal and get the response
Dim streamOut As StreamWriter = New StreamWriter(req.GetRequestStream(), Encoding.ASCII)
streamOut.Write(strRequest)
streamOut.Close()
Dim streamIn As StreamReader = New StreamReader(req.GetResponse().GetResponseStream())
Dim strResponse As String = streamIn.ReadToEnd()
streamIn.Close()
Dim qscoll As NameValueCollection = HttpUtility.ParseQueryString(strRequest)
If LEN(qscoll("custom")) >= 32 Then
'Insert the paypal response
Dim order As New orders
order.InsertPaypalResponse(qscoll("txn_id"), qscoll("custom"), strRequest)
If strResponse = "VERIFIED" Then
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), qscoll("payment_status"))
ElseIf strResponse = "INVALID" Then
'log for manual investigation
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), qscoll("payment_status"))
Else
'Response wasn't VERIFIED or INVALID, log for manual investigation
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), "ERROR")
End If
End If
End Sub
End Class
In the attached photos you can see the errors in the PayPal IPN history. The ones that are SENT are from my other website which works fine on a different website. The IPN code is the same though, I've compared the 2.
Your IPN listener is "Unable to connect to the remote server" when attempting to verify an IPN, and so returns a 500 HTTP status.
Your IPN listener must return a 2xx HTTP status for the IPN to be marked as successfully received. PayPal will retry up to ~20 times until this happens, and then mark the IPN as failed if there is still no 2xx success response from your listener.
Since the error is "Unable to connect to the remote server", that is what you must investigate and debug within your environment (listener code and server). Why is it not able to connect to https://ipnpb.paypal.com/cgi-bin/webscr?cmd=_notify-validate ?
Related
I have an application that I am trying to add a layer of SSO, authenticating against Azure AD app registration. The code works fine running in IIS Express, but fails with a 400 Bad Request whenever I attempt to run it from any IIS environment, including localhost.
I have a working function that requests an authorisation code, which works with no issues and the code is returned in the querystring. The issue happens in the next stage, where I use that code to retrieve the user's Sub ID from Microsoft. This is the code I have:
'Get the base azure values
Dim AzureClient As String = ClientInfo
Dim AzureSecret As String = AzureSecret
Dim AuthRedirectUri As String = "The address of the page"
Dim TenantID As String = AzureTenantID
Dim codeVerifier = Verifier string passed in earlier function
Dim httpWReq As HttpWebRequest = DirectCast(WebRequest.Create("https://login.microsoftonline.com/" & TenantID & "/oauth2/v2.0/token"), HttpWebRequest)
httpWReq.Method = "POST"
httpWReq.Host = "login.microsoftonline.com"
httpWReq.ContentType = "application/x-www-form-urlencoded"
Dim postData As String = "client_id=" & AzureClient
postData += "&scope=openid&20email&20profile"
postData += "&code=" & Code
postData += "&redirect_uri=" & AuthRedirectUri
postData += "&grant_type=authorization_code"
postData += "&code_verifier=" & codeVerifier
postData += "&client_secret=" & AzureSecret
Dim encoding As New ASCIIEncoding()
Dim byteArray As Byte() = encoding.GetBytes(postData)
' Set the ContentLength property of the WebRequest.
httpWReq.ContentLength = byteArray.Length
Using streamWriter = New StreamWriter(httpWReq.GetRequestStream())
streamWriter.Write(postData)
End Using
' Get the response.
Dim response As WebResponse = httpWReq.GetResponse() <--- This is where the 400 Bad Request is thrown in IIS, but not IIS Express
Dim responseString As String = New StreamReader(response.GetResponseStream()).ReadToEnd()
Dim o As OAuth2AccessTokenReponse = DirectCast(JsonConvert.DeserializeObject(responseString, GetType(OAuth2AccessTokenReponse)), OAuth2AccessTokenReponse)
Dim IDToken As String = o.id_token
Dim stream = IDToken
Dim handler = New JwtSecurityTokenHandler()
Dim jsonToken = handler.ReadToken(stream)
Dim tokenS = TryCast(jsonToken, JwtSecurityToken)
Dim subID = tokenS.Claims.First(Function(claim) claim.Type = "sub").Value
Return subID
I've compared the calls coming from both environments and they are identical. I have both localhost addresses (localhost IIS address and IIS Express port) so the only differences are the port numbers used in the redirect URI field.
Does anyone have any idea what could be throwing this?
Problem sorted. After much, much digging about I found that IIS was still supporting TLS1.0 - removed that and everything works fine now.
Below is my IPN Listener which has always worked fine on my website for customer PayPal payments. It sets up orders for my site in the Guid format (32 digits with 4 dashes). However, I use the same PayPal account for my Ebay selling and I have just sold an item which when paid for, caused the following error:
System.FormatException
Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).
In the IPN history the Payment Status is COMPLETED but the HTTP Response Code is 500 and Delivery Status is 'Retrying'. I'm getting email warnings from PayPal about this, which worry me as I need IPN for my website.
I have checked the Ebay transaction and 'Custom' is EBAY_ENSDX00001030330553110 so I'm guessing my IPN code doesn't like that. Is there a way I can keep Ebay transactions away from my IPN Listener within PayPal? Or is there a way I can edit my IPN code below to deal with a custom ID which isn't in the 32 digit format?
IPN Listener..
Imports System.Net
Imports System.IO
Imports System.Net.Cache
Partial Class IPNListener
Inherits System.Web.UI.Page
Protected Sub Page_Load(sender As Object, e As System.EventArgs) Handles Me.Load
'Post back to either sandbox or live
'Dim strSandbox As String = "https://www.sandbox.paypal.com/cgi-bin/webscr"
Dim strLive As String = "https://ipnpb.paypal.com/cgi-bin/webscr"
'SSL Error Code
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
Dim req As HttpWebRequest = CType(WebRequest.Create(strLive), HttpWebRequest)
'Set values for the request back
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
Dim Param() As Byte = Request.BinaryRead(HttpContext.Current.Request.ContentLength)
Dim strRequest As String = Encoding.ASCII.GetString(Param)
strRequest = strRequest + "&cmd=_notify-validate"
req.ContentLength = strRequest.Length
'Send the request to PayPal and get the response
Dim streamOut As StreamWriter = New StreamWriter(req.GetRequestStream(), Encoding.ASCII)
streamOut.Write(strRequest)
streamOut.Close()
Dim streamIn As StreamReader = New StreamReader(req.GetResponse().GetResponseStream())
Dim strResponse As String = streamIn.ReadToEnd()
streamIn.Close()
Dim qscoll As NameValueCollection = HttpUtility.ParseQueryString(strRequest)
'Insert the paypal response
Dim order As New orders
order.InsertPaypalResponse(qscoll("txn_id"), qscoll("custom"), strRequest)
If strResponse = "VERIFIED" Then
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), qscoll("payment_status"))
ElseIf strResponse = "INVALID" Then
'log for manual investigation
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), qscoll("payment_status"))
Else
'Response wasn't VERIFIED or INVALID, log for manual investigation
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), "ERROR")
End If
End Sub
End Class
In the case of an EBAY transaction, you can simply skip over the verification and exit successfully, since you don't need to do anything with it.
All PayPal needs you to do is return HTTP 200, so they can mark the IPN as successfully delivered. (The problem is you are currently returning HTTP 500 or similar, causing PayPal to mark the delivery as failed.)
An alternative solution is to specify your site's notify_url at your website's transaction level, as a parameter in each transaction's API setup (or HTML redirect if no API), which overrides any setting (or lack of a setting) in your PayPal account. Then in your PayPal account you can blank out the IPN listener URL, and you won't get any more IPNs for Ebay transactions.
My IPN Listener has been working fine for the last 6 months. This last week though, all transactions are 'Retrying' and causing a HTTP 500 Response. I haven't changed any code in the IPN Listener and I haven't changed any settings in PayPal. I have rang PayPal and they say it's not a problem their end. My hosting company 1&1 Ionos have pretty much no idea what I'm talking about. My IPN Listener code is below. My site uses Asp.Net/VB.Net..
Imports System.Net
Imports System.IO
Imports System.Web.Util
Imports System.Data.Common
Partial Class IPNListener
Inherits System.Web.UI.Page
Protected Sub Page_Load(sender As Object, e As System.EventArgs) Handles Me.Load
'Post back to either sandbox or live
'Dim strURL As String = "https://www.sandbox.paypal.com/cgi-bin/webscr"
Dim strURL As String = "https://www.paypal.com/cgi-bin/webscr"
Dim req As HttpWebRequest = CType(WebRequest.Create(strURL), HttpWebRequest)
'Set values for the request back
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
req.Proxy = New WebProxy("ntproxyus.lxa.perfora.net", 3128)
Dim Param() As Byte = Request.BinaryRead(HttpContext.Current.Request.ContentLength)
Dim strRequest As String = Encoding.ASCII.GetString(Param)
strRequest = strRequest + "&cmd=_notify-validate"
req.ContentLength = strRequest.Length
'Send the request to PayPal and get the response
Dim streamOut As StreamWriter = New StreamWriter(req.GetRequestStream(), Encoding.ASCII)
streamOut.Write(strRequest)
streamOut.Close()
Dim streamIn As StreamReader = New StreamReader(req.GetResponse().GetResponseStream())
Dim strResponse As String = streamIn.ReadToEnd()
streamIn.Close()
Dim qscoll As NameValueCollection = HttpUtility.ParseQueryString(strRequest)
'Insert the paypal response
Dim order As New orders
order.InsertPaypalResponse(qscoll("txn_id"), qscoll("custom"), strRequest)
If strResponse = "VERIFIED" Then
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), qscoll("payment_status"))
ElseIf strResponse = "INVALID" Then
'log for manual investigation
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), qscoll("payment_status"))
Else
'Response wasn't VERIFIED or INVALID, log for manual investigation
order.UpdateOrderFromPaypal(qscoll("custom"), qscoll("txn_id"), qscoll("payment_status"))
End If
End Sub
End Class
Your IPN listener likely is having problems connecting to https://www.paypal.com/cgi-bin/webscr in order to validate the IPNs it receives, and so is refusing to process the IPN and returning an HTTP 500, causing PayPal to retry its delivery repeatedly.
For your listener to be able to connect to PayPal and validate IPNs, you need to ensure you have an updated Certificate Authority bundle / list that is able to verify the issuer of the PayPal servers' current, cryptographically secure SSL certificates.
While you are at it, update your IPN listener to use ipnpb.paypal.com rather than www.paypal.com See the current documentation: https://developer.paypal.com/docs/ipn/integration-guide/IPNImplementation/
Using server integration and .net, I post the original request to SagePay and get the NextURL fine, and so go to the payment pages... step through them OK, but then I get the error:
Server error 5006: Unable to redirect to Vendor's web site. The Vendor failed to provide a RedirectionURL.
HTTP error 500: The request was unsuccessful due to an unexpected condition encountered by the server.
But I am sending a RedirectionURL (though the docs call is RedirectURL, which is somewhat confusing - anyway, I've tried using both. This si what I'm sending back from my NotificatioURL - what's wrong?
Dim sb As New StringBuilder
sb.Append("Status=OK")
sb.Append("&StatusDetail=Fine")
sb.Append("&RedirectURL=https://mydomain.co.uk/sagepay.aspx")
Dim urlTEST As String = "https://test.sagepay.com/gateway/service/vspserver-register.vsp"
Dim urlLIVE As String = "https://live.sagepay.com/gateway/service/vspserver-register.vsp"
Try
Dim data As Byte() = Encoding.UTF8.GetBytes(sb.ToString)
Dim request As WebRequest = WebRequest.Create(urlTEST)
request.Method = "POST"
request.ContentType = "application/x-www-form-urlencoded"
request.ContentLength = data.Length
ServicePointManager.ServerCertificateValidationCallback = AddressOf ValidateRemoteSSLCertificate
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
Dim stream = request.GetRequestStream()
stream.Write(data, 0, data.Length)
stream.Close()
Dim response As WebResponse = request.GetResponse()
response.Close()
Catch ex As Exception
'log error
End Try
Update: I gather this POST (unlike the initial one with the basket info) requires that the data be sent plain text key-value pairs separated by CrLf's, so I amended this to
Dim sb As New StringBuilder
sb.AppendLine("Status=OK")
sb.AppendLine("StatusDetail=Fine")
sb.Append("RedirectURL=https://mydomain.co.uk/sagepay.aspx")
but it still fails with the same errors. I also tried using, instead of the WebRequst class, the simpler:
Dim client As WebClient = New WebClient()
Dim reply As String = client.UploadString(urlTEST, sb.ToString)
But still no joy. Also tried changing the request.ContentType to "text/plain", but nope.
Come on, someone, please - this si basic to the their operations, someone must have done it....
Blimey - it never pays to be clever. This script doesn't require WebRequest or anything, just write to the simple Response object. Sigh.. as Linus said ....
So I was struggling with making head or tail out of the PayPal documentation and always felt that something was not right with my Webrequest.
So I stripped all the code back to basic and simply submitted the request via HTTP and the PLUS side is that I now get a response back from the PayPal sandbox server where ACK=Success and TOKEN=Valid-token-value-here there are some other variables returned too, such as CORRELATIONID and TIMESTAMP.
And hence so I tried some of the webrequest samples and I simply get a blank screen instead of being redirected to Paypal for the (sandbox) customer to complete payment.
So if anyone can post their WebRequest method that would be great.
Here is the code I used for my webrequest, I'm sure its wrong but cannot pinpoint where it is going wrong.
Also, when I run the code on my localhost during debugging, everything works fine and the call is completed with SUCCESS and a TOKEN is received.
When I run it live, I recieve Error Number 5 in the Error exception and also the text `Remote host failed to connect' in the STATUS DESCRIPTION.
THIS IS THE UPDATED CODE
Function MakeWebRequest(ByVal pUseSandbox As Boolean, ByVal pRequestMethod As String, ByVal pReturnUrl As String, ByVal pCancelUrl As String, ByRef pRtnStatus As String, ByRef pRtnStatusId As HttpStatusCode, ByRef pRtnResponseString As String) As Boolean
'
Dim _sxHost As String = Nothing
Dim _sxEndpoint As String = Nothing
Dim _sxNameValCol As System.Collections.Specialized.NameValueCollection = Nothing
Dim _sxResponseCol As System.Collections.Specialized.NameValueCollection = Nothing
Dim _sxCounta As Integer = Nothing
Dim _sxParamsString As String = Nothing
'
'-> Init
_sxParamsString = ""
MakeWebRequest = False
_sxNameValCol = New System.Collections.Specialized.NameValueCollection()
_sxResponseCol = New System.Collections.Specialized.NameValueCollection()
If pUseSandbox Then
_sxHost = "http://www.sandbox.paypal.com"
_sxEndpoint = "https://api-3t.sandbox.paypal.com/nvp"
Else
_sxHost = "http://www.paypal.com"
_sxEndpoint = "https://api-3t.paypal.com/nvp"
End If
'-> Create Request
Try
'-> Key/Value Collection Params
_sxNameValCol.Add("METHOD", "SetExpressCheckout")
_sxNameValCol.Add("USER", _UserName)
_sxNameValCol.Add("PWD", _Password)
_sxNameValCol.Add("SIGNATURE", _Signature)
_sxNameValCol.Add("PAYMENTREQUEST_0_AMT", Format(_Basket.BasketTotalIncDelivery / 100, "0.00"))
_sxNameValCol.Add("PAYMENTREQUEST_0_PAYMENTACTION", "Sale")
_sxNameValCol.Add("PAYMENTREQUEST_0_CURRENCYCODE", "GBP")
_sxNameValCol.Add("RETURNURL", pReturnUrl)
_sxNameValCol.Add("CANCELURL", pCancelUrl)
_sxNameValCol.Add("REQCONFIRMSHIPPING", "0")
_sxNameValCol.Add("NOSHIPPING", "2")
_sxNameValCol.Add("LOCALECODE", "EN")
_sxNameValCol.Add("BUTTONSOURCE", "PP-ECWizard")
_sxNameValCol.Add("VERSION", "93.0")
'-> UrlEncode
For _sxCounta = 0 To _sxNameValCol.Count - 1
If _sxCounta = 0 Then
_sxParamsString = _sxParamsString & _sxNameValCol.Keys(_sxCounta) & "=" & HttpUtility.UrlEncode(_sxNameValCol(_sxCounta))
Else
_sxParamsString = _sxParamsString & "&" & _sxNameValCol.Keys(_sxCounta) & "=" & HttpUtility.UrlEncode(_sxNameValCol(_sxCounta))
End If
Next
'-> Credentials (not used)
'_sxRequest.Credentials = CredentialCache.DefaultCredentials
Try
Dim _sxRequest As WebRequest = DirectCast(System.Net.WebRequest.Create(_sxEndpoint), System.Net.HttpWebRequest)
'-> Convert request to byte-array
Dim _sxByteArray As Byte() = Encoding.UTF8.GetBytes(_sxParamsString)
_sxRequest.Method = "POST" 'Our method is post, otherwise the buffer (_sxParamsString) would be useless
_sxRequest.ContentType = "application/x-www-form-urlencoded" 'We use form contentType, for the postvars
_sxRequest.ContentLength = _sxByteArray.Length 'The length of the buffer (postvars) is used as contentlength
Dim _sxPostDataStream As System.IO.Stream = _sxRequest.GetRequestStream() 'We open a stream for writing the postvars
_sxPostDataStream.Write(_sxByteArray, 0, _sxByteArray.Length) 'Now we write, and afterwards, we close
_sxPostDataStream.Close() 'Closing is always important!
'-> Create Response
Dim _sxResponse As HttpWebResponse = DirectCast(_sxRequest.GetResponse(), HttpWebResponse)
'-> Get Response Status
pRtnStatus = _sxResponse.StatusDescription
pRtnStatusId = _sxResponse.StatusCode
'-> Reponse Stream
Dim _sxResponseStream As Stream = _sxResponse.GetResponseStream() 'Open a stream to the response
'-> Response Stream Reader
Dim _sxStreamReader As New StreamReader(_sxResponseStream) 'Open as reader for the stream
pRtnResponseString = _sxStreamReader.ReadToEnd() 'Read the response string
MakeWebRequest = True
'-> Tidy up
_sxStreamReader.Close()
_sxResponseStream.Close()
_sxResponse.Close()
_sxByteArray = Nothing
_sxPostDataStream = Nothing
_sxRequest = Nothing
_sxResponse = Nothing
_sxResponseStream = Nothing
_sxStreamReader = Nothing
Catch ex As Exception
pRtnStatusId = Err.Number
pRtnStatus = "response(" & ex.Message & ")"
Decode(pRtnResponseString, _sxResponseCol)
pRtnResponseString = Stringify(_sxResponseCol)
End Try
Catch ex As Exception
pRtnStatusId = Err.Number
pRtnStatus = "request(" & ex.Message & ")"
Decode(pRtnResponseString, _sxResponseCol)
pRtnResponseString = Stringify(_sxResponseCol)
End Try
'-> Tidy Up
_sxHost = Nothing
_sxEndpoint = Nothing
_sxNameValCol = Nothing
_sxResponseCol = Nothing
_sxCounta = Nothing
_sxParamsString = Nothing
'
End Function
OK, so it's now clear that you're not getting any response from the server because your server isn't able to connect to PayPal's servers at all. Hence, you got no server-response and the message Unable to connect to the remote server. When I tested, I got a HTTP 200 response with the following body:
TIMESTAMP=2015-07-07T09:07:39Z&CORRELATIONID=7f4d2313c9696&ACK=Failure&VERSION=93.0&BUILD=17276661&L_ERRORCODE0=10002&L_SHORTMESSAGE0=Authentication/Authorization Failed&L_LONGMESSAGE0=You do not have permissions to make this API call&L_SEVERITYCODE0=Error
Obviously that's because I tested with a blank username and password.
So, something is wrong with your server setup that's preventing you from making outside connections, either at the IIS level or due to your firewall configuration.
Without physically being present at your machine, there's not a lot we can do to track down what's blocking it, but you can try opening HTTP requests to other public websites like Google.com and see if those succeed.