Failed to connect to host Input Server Uri = https://pilot-payflowpro.paypal.com/

jibboo
Contributor
Contributor

I have been using PayFlowPro for over 10 years.  Recently (maybe 6 months or so) I have been unable to test any changes when submitting transactions to the test server (pilot-payflowpro.paypal.com).  This is code that I haven't changed in probably 3 or 4 years.  Strangely, if I switch the transaction to the live server everything works as expected.  This is only occurring no the test server.

 

Response Message:

 

Failed to connect to host Input Server Uri = https://pilot-payflowpro.paypal.com/

 

Here is the full response:

 

RESULT=-1&RESPMSG=Failed to connect to host Input Server Uri = https://pilot-payflowpro.paypal.com/

 

I thought maybe the Pilot url might have changed ... but as I'm reading all the latest news about TLS1.1 being discontinued; I see the pilot-payflowpro.paypa.com link is indeed still being used ... does anyone have any idea?

Login to Me Too
1 ACCEPTED SOLUTION

Accepted Solutions
Solved

jibboo
Contributor
Contributor

Thanks for asking ... actually I hadn't tried the test server (pilot-payflowpro) in quite a while.  I just ran a test transaction and it went through.  I'm guessing this is due to some recent server updates I made; forcing Windows Server to use/deny certain protocols.

 

Paypal emailed me regarding their PayFlowPro requiring TLS 1.2 to transmit ... I ran some tests on my server to check the SSL and make sure I supported TLS 1.2.  Which led me to updating the protocols due to the security results from SSL test.

 

You can test your server by plugging in your domain here:  https://www.ssllabs.com/ssltest/

 

Here's my current results (which I'm guessing lead to pilot-payflowpro.paypal.com working like it used to):

 

Protocols
TLS 1.3No
TLS 1.2Yes
TLS 1.1No
TLS 1.0No
SSL 3No
SSL 2No

 

IF you are running on Windows I can probably direct you to some resources instructing how to enable/disable the different protocols.  I manually edited the registry entries in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

View solution in original post

Login to Me Too
7 REPLIES 7

sanmen1593
New Community Member

Any update on this? I am receiving that error from production too now.

Login to Me Too
Solved

jibboo
Contributor
Contributor

Thanks for asking ... actually I hadn't tried the test server (pilot-payflowpro) in quite a while.  I just ran a test transaction and it went through.  I'm guessing this is due to some recent server updates I made; forcing Windows Server to use/deny certain protocols.

 

Paypal emailed me regarding their PayFlowPro requiring TLS 1.2 to transmit ... I ran some tests on my server to check the SSL and make sure I supported TLS 1.2.  Which led me to updating the protocols due to the security results from SSL test.

 

You can test your server by plugging in your domain here:  https://www.ssllabs.com/ssltest/

 

Here's my current results (which I'm guessing lead to pilot-payflowpro.paypal.com working like it used to):

 

Protocols
TLS 1.3No
TLS 1.2Yes
TLS 1.1No
TLS 1.0No
SSL 3No
SSL 2No

 

IF you are running on Windows I can probably direct you to some resources instructing how to enable/disable the different protocols.  I manually edited the registry entries in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

Login to Me Too

jibboo
Contributor
Contributor

Looking at my config ... I'm wondering if explicitly disabling TLS 1.0 is what caused it to work ... since TLS 1.0 is considered insecure now ... maybe it was using that by default.

Login to Me Too

SiddSubedi
Contributor
Contributor

tried that ..didn't work by just enabling TLS1.2 and disabling all other protocols. What else do you suggest??

i am still getting the error "Failed to connect to host Input Server Uri = https://pilot-payflowpro.paypal.com/".

Login to Me Too

EvelynT
Contributor
Contributor
could you fix it?
I have the same error

 

Login to Me Too

jibboo
Contributor
Contributor

Here is my Windows registry ... granularly setting each protocol for TLS 1.0 / 1.1 / 1.2 and SSL 2 / 3

 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"Enabled"=dword:ffffffff
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:ffffffff

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:ffffffff

registry screenshot TLS 1.0registry screenshot TLS 1.0registry screenshot TLS 1.2registry screenshot TLS 1.2

Login to Me Too

jibboo
Contributor
Contributor

if using .Net as your programming platform, you may need to force it to use TLS 1.2

 

C#

 

 

using System.Net;

// force legacy PayFlow Pro SDK DLL to use TLS 1.2
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

 

 

 

VB.Net

 

 

Imports System.Net

' --- force legacy PayFlow Pro SDK DLL to use TLS 1.2
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

 

 

 

Login to Me Too

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.