Error reported: Callback to: https://www.########################.com/wc-api/WC_Gateway_WorldPay_Form: failed CAUSED BY Received fatal alert: handshake_failure
Server Reference: ukdc1-pz-pay07:callbackFailureEmail-9889:MerchReq-929-54
Thats a good point, the error message would actually rather hint at an SSL issue than an active block. Do all these requests fail or just some? What is your chosen TLS version in your Cloudflare control panel?
Are you referring to these comments, Happy to try them, but the user on the thread has finished off saying their issue was still not resolved.
The solution does make sense providing the use still gets redirected back to the main site
I worked around the worldpay restriction with the following steps:
Create new worldpay subdomain for the affected domain e.g. worldpay.example.com
Secure worldpay.example.com with a free certificate from https://letsencrypt.org/ (it’s just a tick box during subdomain creation in Plesk 17)
Move callback script for affected domain from its current location to the new worldpay subdomain. e.g. from example.com/cb.php to worldpay.example.com/cb.php
Create new worldpayCNAME entry in Cloudflare DNS page for the affected domain and turn the cloud off for the new CNAME
Login to Worldpay admin interface and update the Payment Response URL for the affected installation to match the new URL you set up at step 3
Test!
Now the worldpay system sends its callback POST to worldpay.example.com/cb.php which Cloudflare sends directly to the server (rather than processing it with its SNI cert) and as long as the server has a valid cert installed from e.g. Let’s Encrypt, it works. No more handshake_failure messages