10.3 and 3.1 CardConnect Payment Error: Transaction Was Not Authorized
Problem
'Payment Error: Transaction Was Not Authorized...
'Reason: (Response Status: )
'OK'
When Reviewing the CardConnect Curl Response log:
11:09:32.659000 == Info: Trying 69.164.93.9...
11:09:32.690000 == Info: Connected to vsi.cardconnect.com (69.164.93.9) port 8443 (#0)
11:09:32.690000 == Info: schannel: SSL/TLS connection with vsi.cardconnect.com port 8443 (step 1/3)
11:09:32.690000 == Info: schannel: checking server certificate revocation
11:09:32.690000 == Info: schannel: sending initial handshake data: sending 192 bytes...
11:09:32.690000 == Info: schannel: sent initial handshake data: sent 192 bytes
11:09:32.690000 == Info: schannel: SSL/TLS connection with vsi.cardconnect.com port 8443 (step 2/3)
11:09:32.690000 == Info: schannel: failed to receive handshake, need more data
11:09:32.783000 == Info: schannel: SSL/TLS connection with vsi.cardconnect.com port 8443 (step 2/3)
11:09:32.783000 == Info: schannel: encrypted data buffer: offset 1388 length 4096
11:09:32.783000 == Info: schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.
11:09:32.783000 == Info: Closing connection 0
11:09:32.783000 == Info: schannel: shutting down SSL/TLS connection with vsi.cardconnect.com port 8443
11:09:32.783000 == Info: schannel: clear security context handle
11:09:32.783000 == Info: schannel: clear credential handle
Solution
This error message indicates that the curl request for an authorization is unable to communicate to CardConnect.
Fantastic. What's that mean in English?
It means that RecTrac isn't talking to CardConnect.
Great. What's to be done about it?
Several things to check and try:
1.) Possible that anti-virus software is the culprit. Temporarily disable your anti-virus software and then run the transaction again.
- If you're on RecTrac 3.1, you need to disable anti-virus on your RecTrac server.
- If you're on RecTrac 10.3, then you need to disable it on the workstation where you're processing the transaction.
2.) Possible a firewall is blocking the communication between RecTrac and CardConnect. Contact your IT deparment and have them review the firewall logs and adjust firewall settings according to their findings.
- Possible port 8443 is not open from the RecTrac server.
- Possible an SSL setting is blocking it. For Example. Your organization employs firewalls with SSL inspection. In order for the firewall to inspect SSL traffic, there is a firewall SSL certificate installed on our machines to trust the firewall to decrypt and inspect the SSL traffic. In this case, the communication between VSI and CardConnect produced a revocation function was unable to check revocation for the certificate error since it did not trust the firewall SSL certificate. By default, SSL traffic to financial services sites should not be decrypted and inspected. The solution was to create a firewall policy not to decrypt SSL traffic to bolt.cardpointe.com.
3.) Create or modify your firewall policy to allow three GoDaddy URLs to flow through this rule -certs.godaddy.com, crl.godaddy.com, and certificates.godaddy.com.
4.) Another common cause of this error happens when your networks has some sort of SSL decryption in place for incoming traffic. If you are decrypting incoming SSL's, be sure to make an exception for CardConnect's IPs. For more information on which IPS should be whitelisted, please review CardConnects Suggestions found here: https://support.cardconnect.com/bolt/network-whitelisting
OK! And then?
If the transaction goes through, then make sure IT adjusts your anti-virus program or firewall to allow connection to CardConnect.
If the transaction still doesn't go through, then give us a call here at VSI, and one of our Support professionals will troubleshoot the issue with you. We're here to help!