Home > Internet, Programming, WebDev > Secpay, Actinic & SSL lameness

Secpay, Actinic & SSL lameness

October 30th, 2007 Mark Leave a comment Go to comments

Currently when enabling SSL on shopping cart pages in Actinic, Actinic will no longer be able to link up Secpay transactions to orders.

After numerous hours debugging, I figured out what was going wrong.. when SSL is enabled on shopping cart pages, Actinic provides Secpay with HTTPS callbacks – as you’d expect. It also sets a parameter which Secpay needs if the callbacks are HTTPS. However for some reason at this moment in time Secpay won’t use the HTTPS callbacks – the request is never sent to the server

I don’t know why this is happening, I even used the alternative method of informing Secpay that the callback is HTTPS – via the ‘options’ parameter.. no dice

The solution I’m currently using is to modify the ‘OCCSecPayScriptTemplate.pl’ file, inserting a line after the following block of code:

# to enable Diners cards, remove the ‘#’ from the start of the 2 lines below
#$sOptions .= ‘,’ if ($sOptions ne ”);
#$sOptions .= ‘diners=true’;

the line to change the callback URLs back to HTTP is:

$::sCallBackURLAuth =~ s/https/http/;

  1. malcolm
    January 6th, 2008 at 14:12 | #1

    Well, looking at your post below about godaddy, I’d guess that your problem is with secpay not having the certificate?
    Also I’d like to point out that using ssl does not make it any more secure, a common myth is that ssl increases security, it does not always! and in the case of the callback that is true – as generally there is nothing in there that needs to be sent on an encrypted channel. The callback should be verified though using the hashing mechanism

  1. No trackbacks yet.