In order to comply with new Payment Card Industry (PCI) requirements, payment gateways such as Authorize.NET and Cybersource are dropping support for older versions of HTTPS security protocols (TLS 1.0 and TLS 1.1) and requiring TLS 1.2. This change has already occurred in the Authorize.NET sandbox environment.
To ensure your Active Commerce installation utilizes TLS 1.2, you may need to enable it as a security protocol with .NET. This can be done in a Sitecore initialize pipeline processor. An example is attached to this article.
Note that this example keeps TLS 1.0 and TLS 1.1 enabled in case other integrated web services still require it. The necessary and recommended security protocols will be specific to your implementation, thus you should adjust this as needed and test your implementation thoroughly before deploying to production.
Related Errors
If you do not apply the necessary update, you may encounter errors during order processing such as:
ActiveCommerce.Orders.Processing.OrderProcessingException:
Error invoking payment provider --->
System.Net.WebException: The underlying connection was closed:
An unexpected error occurred on a send. --->
System.IO.IOException: Unable to read data from the transport connection:
An existing connection was forcibly closed by the remote host. --->
System.Net.Sockets.SocketException:
An existing connection was forcibly closed by the remote host
More Information
PCI - Migrating from SSL and Early TLS
Cybersource Security Updates - Spring/Summer 2017
Authorize.NET - Important TLS Disablement Notice
Example Code
Comments