Thread

I’m quite confused by what seems should be a simple selection.

I’m developing a site that has a store, and am using Simple Commerce. I am able to make purchases, etc. fine within the sandbox environment, and am receiving IPN in the PayPal mock store account. When I turned on the PayPal option to only accept encrypted payments, I started receiving an error.

On looking at the PayPal buttons on my site, when I rollover the buttons, it is clear from the status bar that the links are not encrypted.

I do have the “Encrypt PayPal Buttons and Links” set to “Yes” under Simple Commerce’s settings. All of the appropriate certificates have been generated. I simply do not know what else I can change.

The store can be viewed at http://www.deepsoulhealing.com/site/index.php/Store/ Only the bottom two items are currently added to the Simple Commerce module - I figured it would be best to add the rest once everything is working. There will also be other items within the site that can be purchased, not in the “Store” area, at a later date.

Any help is greatly appreciated.

Greetings Motomasa!

Can you please take us through the steps you went through to setup the secure buttons in ExpressionEngine?

Thanks,

-greg

Hi -

For the certificates, etc. I pretty much followed the instructions exactly as in the documentation.

Using terminal window, generated a private key, then public certificate. Uploaded them to a directory on the website, 2 branches in from the root. I made sure the Simple Commerce control panel was pointed to the proper directory/documents.

Then I logged into my PayPal sandbox account, and uploaded the public certificate to my PayPal profile. Once that was done, I took the Certificate ID PayPal created for it, and copy/pasted it in to the appropriate spot in the Simple Commerce control panel. (I just checked it again to be sure, and the ID’s match).

I then downloaded the PayPal public certificate. I removed the “.txt” suffix, and named it paypal_certificate.pem and uploaded it to the same directory as my private key and public certificate. Finally, I placed the store in debug mode by modifying mod.simple-commerce.php.

I then added a couple of items in the Simple Commerce control panel, and tried a few transactions with a sandbox customer account. During those initial tests, I did not have the “Encrypt PayPal buttons and links” checked to “Yes” and I tried “Buy Now” purchases as well as shopping cart. I also added shipping calculations in from the PayPal site after the first two test purchases. When I did click “Yes” for encrypting buttons, and selected “Only accept encrypted transactions” from the PayPal account, I started receiving errors. When I rollover the PayPal buttons on the site, I can clearly see the linked information in the status line, often including the target email, currency, etc. so it was obvious the buttons were not encrypting.

Just to be certain, I downloaded the PayPal public certificate again, and uploaded it to my server with another name (and altered the link in the Simple Commerce CP) but that has not changed anything.

Though I feel like I’ve done everything I was supposed to, I’m kind of assuming I’ve missed something very basic, as this is my first dive into Simple Commerce. Hope it’s not anything too difficult.

Oh, and just to further: the folder the .pem files are in is 777, the files themselves are 644, the temp directory for encrypted files is 777.

You mentioned some errors that you received - what were those?  The exact errors are important here.  Thank you!

Oh, the error is simply the one from PayPal when you try to add to cart, or do an instant buy…

“The seller accepts encrypted website payments only. You cannot pay the seller through un-encrypted buttons. Please contact your seller for more details.”

Of course, if I set the sandbox store account to accept unencrypted payments, this goes away, and there are no problems posting transactions.

I am wondering, does there have to be a match between certain information in the generated certificates, and the data PayPal has for the account? For instance, if the email, locality, etc. don’t match, it doens’t encrypt?

Motomasa:

Can you please show us the code you are using to generate the buttons?

-greg

I assume you only need the actual button code (not all the stuff above it)

{exp:simple_commerce:purchase entry_id="{entry_id}" success="Store/success" cancel="site/index"}

<table><tr><td><a >{buy_now_button}Buy Now{/buy_now_button}</a></td>
<td><a >{add_to_cart_button}Add to Cart{/add_to_cart_button}</a></td>
<td><a >{view_cart_button}View Cart{/view_cart_button}</a></td>
</tr></table>

{/exp:simple_commerce:purchase}

I believe that this again is directly from the User Guide.

———————————-

UGH! It won’t let me type in the link information… it keeps disappearing when I hit “Post”

It’s there in the message window when I type, but it isn’t showing up. It is the typical: href=”{view_cart_url}” onclick=“window.open(this.href);return false;” as shown in the User Guide for all 3 links.

The cart link has a window name added: href=”{add_to_cart_url}” onclick=“window.open(this.href, ‘paypal’);return false;”

okay.  Can you please double/triple check all of your settings at:  CP Home ›  Modules ›  Simple Commerce

Make sure your “encrypt buttons & links” is set to ‘yes,’ the paths to the certificates is correct, etc.

OK, I took a day away from it to be sure I wouldn’t rush through it.

I deleted all the .pems from my server, and from my computer. I created the private key then generated a public certificate. I made sure the public certificate contained the same PayPal data as the sandbox account in terms of locality, etc. I used the fictitious email address PayPal created as well to make the data match as thoroughly as possible. Uploaded the certificate to PayPal in the sandbox user profile, and updated the certificate ID in my EE Simple Commerce CP. I downloaded the PayPal public certificate (which downloads as a .txt file), renamed it with .pem suffix, and uploaded it to my server.

It didn’t work, so I generated another public certificate, using the email address I login to my sandbox account with. I upload that to my PayPal profile, and download another public certificate from PayPal - but this time leave it as the .txt file, and upload it to my server. I update the certificate ID, and the file path for the PayPal certificate in my Simple Commerce CP, and try reloading the page again - still getting the message about only accepting encrypted payments.

Is there something I am missing? Somebody from the boards emailed me to find out if I had resolved the problem as they are encountering the same thing.

Motomasa:

Can you please try a clean bare template with nothing in it other than the appropriate EE tags needed to load up the Simple Commerce module.

eg:

{exp:simple_commerce:purchase entry_id="HARD CODE ENTRY ID HERE PLEASE>" success="Store/success" cancel="site/index"}

<table><tr><td><a >{buy_now_button}Buy Now{/buy_now_button}</a></td>
<td><a >{add_to_cart_button}Add to Cart{/add_to_cart_button}</a></td>
<td><a >{view_cart_button}View Cart{/view_cart_button}</a></td>
</tr></table>

{/exp:simple_commerce:purchase}

With that code, and only that code in the template (obviously put in a valid entry_id), will the buttons encrypt?

Also, what extensions are you running?

-greg

Hi Greg -

I tried an empty template (stripped of all CSS, etc.) so all that showed on the rendered page is the table of buttons, and the buttons still don’t encrypt.

I am currently running no extensions at all.

Motomasa:

Please check your email associated with your ExpressionEngine.com account.

-greg

Motomasa:

It looks like you are going to need to speak to your host on this, as php was not compiled with openssl, which looks like it is the reason this is failing.

-greg

Adding to what Greg said, can we make sure you have PHP errors enabled? To test this, create a new template, allow PHP and use some invalid PHP code:

<?php echo $foo ?>

You should get an error. That said, we definitely need PHP compiled with OpenSSL. It’s very rare to see PHP without support for it. Please talk to your host about it.

Hi -

I’ve got a request in for it now.

The control panel for the website overall has an SSH/SSL manager in it, and I also tried generating the key/certificate using their utility. It placed the certificates on a server path hidden from the public_html folder, so I pointed everything in the Simple Commerce module to that, and it still didn’t work.

I’ll give the php error mentioned above a try, and let you know what I get back.