Since I activated the cdn for my site, I had inconveniences to be reflected the payments in the backoffice of my system. The purchase process is going well, but when a customer requests to pay with the PayU platform, and the customer makes the payment, the status is not updated in my backoffice, it is still in “Confirm payment”. The platform told me that it is due to the type of SSL certificate used by the CDN that is elliptical curve. I ask you, will it be possible to avoid these errors by disabling the Always Online mode for the api url of that platform?
If the problem is coming from the type of SSL certificate that CloudFlare is using for the SSL termination, deactivating the always online won’t help.
Could you elaborate on what did they say exactly regarding that issue?
Hello @stephane, thanks for replying.
I quote verbatim from what I was told: "The disadvantage is that the page you are sending has an elliptical curve safety certification. This type of certification is not generally allowed by PayU, you must use a notification service to send it to us and that will allow you to get confirmation. "
I then asked them what kind of certification they would like, to which they replied, "All are valid, the only thing is that the elliptical curve or the one with the encryption suite TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, requires first using a Notification Service to that can be processed and do not generate the error that generates you right now. "
@user2272, could you give me the name of your domain so I can have a look at that?
In // I suggest you create a support ticket: https://support.cloudflare.com
What do you mean? If you are unable to access the form while signed into Cloudflare you can always email supportATcloudflareDOTcom from your account email address. That will start a ticket.
@user2272, hum, I see.
The certificates delivered by CloudFlare are ECC with the Free plan so if you absolutely need to comply with the PayU need which to don’t use ECC certificates, I’d suggest opting for a plan that allows you to upload your own certificate (custom certificate). You’ll need to buy one through a public CA like Comodo, GlobalSign… and install it on our EDGE.
Now on the Cipher side, with the Free plan, you can’t do much… suggest you read that article that explains how are we terminating the SSL connection at our EDGE and what are your options to control it, depending on your plan: https://support.cloudflare.com/hc/en-us/articles/200933580-What-cipher-suites-does-Cloudflare-use-for-SSL-
Or you may just add PayU IPs to the whitelist or disable User-Agent.