HTTPS Received fatal alert: handshake_failure problem


#1

Hello
I run a magento ecommerce site, and I am using Cloudflare with it.
We use a payment gateway to do payments through a provider, so when users place an order, the site forwards to the gateway, the payment is done, and after that can get back to my site, this is a common way.
My problem, is when the credit card gateway sends a callback to my site, it gets an error if using Cloudflare with CDN (orange cloud). If I deactivate CDN, (grey cloud) then it works perfectly, but then I lose most of the benfist of using Cloudflare.
If I set up the gateway to send its response through unsafe http then it works without a problem but I configure to be sent through https then there is a HTTP 500 error, and my site never receives the payment confirmation. The gateway gets “Received fatal alert: handshake_failure” . If I deactivate cache (grey cloud), no problem, but as soon as I activate I have this error.
I tried to create a page rule for that callabak link , that disables security, Cache Level: Bypass, Disable performance…" but the “Received fatal alert: handshake_failure” still happens.
There is something with the https comunication between the credit card payment gateway and Cloudflare, that produces this error.

Any aideas, about how to solve this?
Is there a way to see log or debug the communication between the gateway and cloudflare?

Thanks so much


#2

Worldpay by any chance?


#3

No, Redsys, the main gateway at Spain.
But if request the link from https://httpstatus.io/ , or if create an HTML form and I do it myself, it works.
It just happens that error with Cloudflare.
What cold be wrong?


#4

Maybe the same issue as at WooCommerce Worldpay handshake_failure Not Completing Order. You should clarify that with your payment provider.


#5

Is there a way to check the communication between the gateway and Cloudflare, where can I see logs at Cloudflare? This way, I could see why the failure is happening

Thanks


#6

I had the same painful experience wiuth redsys - they have some of the worst support ont his planet.
Basically you have to edit the plugin to change to http instead of https fro the notification url

line 39

    $this ->notify_url        = add_query_arg( 'wc-api', 'WC_redsys', str_replace('https','http',home_url( '/' )) );

Of course this is just a workaround - redsys should support the valid certificates supplied by cloudflare


#7

Thanks
I had also to move to http, to make it work


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.