Unexpected error communicating with Stripe

Question

Billing with Stripe i have a form and i submit information and place the order following error has occured....

Unexpected error communicating with Stripe. If this problem persists, let us know at support@stripe.com. (Network error [errno 77]: error setting certificate verify locations: CAfile: C:\xampp\htdocs\PhpProject2\app\Lib\Stripe/../data/ca-certificates.crt CApath: none )

my controller action code

    if(!empty($this->request->data)){            
        $email = $this->request->data['email'];
        $credit_card = $this->request->data['card_number'];
        $expire_month = $this->request->data['expiration_month'];
        $expire_year = $this->request->data['expiration_year'];
        $cvc = $this->request->data['cvc'];  
        //require_once('./lib/Stripe.php');
        require_once "./../lib/Stripe.php";
        Stripe::setApiKey("sk_test_KEY"); 
        $token = Stripe_Token::create(array(
            "card" => array(
            "number" => $credit_card, 
            "exp_month" => $expire_month, 
            "exp_year" => $expire_year, 
            "cvc" => $cvc)));

and my view

<?php

echo $this->Form->create(false, array('action' => 'index'));
echo $this->Form->input('email', array('id' => 'email'));
echo $this->Form->input('card_number');
$options = array('1' => 'January', '2' => 'February', '3' => 'March', '4' => 'April',
 '5' =>'May', '6' => 'June', '7' => 'July', '8' => 'August', '9' => 'September',
'10' =>  'October', 
'11' => 'November', '12' => 'December');

 $start_year =array('1'=>2013,'2'=>2014,'3'=>2015,'4'=>2016,
'5'=>2017,'6'=>2018,'7'=>2019,'8'=>2020,'9'=>2021);

echo $this->Form->input('expiration_month', array('type' => 'select', 'options' => $options));
echo $this->Form->input('cvc');
echo $this->Form->end('place order', array('controller' => 'stripes', 'action' => 'index'));
?>

any help will appreciated

Answer 1

Disabling SSL Certificates verification (\Stripe\Stripe::setVerifySslCerts(false); suggested by ykay) was useful to me in a test/local environment, but in production this verification still needs to happen.

So I contacted Stripe support and they suggested me a few steps (explained below) that finally led me to the real problem, my file structure:

• data/ca-certificates.crt is referenced by Stripe.php's getDefaultCABundlePath(). If this file is not found, you might get an ApiConnection error with empty properties as output, like the one posted in this other question.

So the solution was either simply to place this file exactly on that path, or to move it to a different directory and update its location using Stripe::setCABundlePath().

If all Stripe files are properly referenced: steps for verifying TLSv1.2 support

1. Testing TLS in the server: after ensuring TLSv1.2 was operational in the server through this script that Stripe support recommended, producing the following output:

• TLS test (default): TLS 1.2
• TLS test (TLS_v1): TLS 1.2
• TLS test (TLS_v1_2): TLS 1.2

2. They then suggested me to check for compatibility issues:

https://github.com/stripe/stripe-php#ssl--tls-compatibility-issues

3. This lead me to run the script in upgrade cURL and OpenSSL packages which tests and uses the Stripe's PHP integration (requires Stripe's init.php code):

https://support.stripe.com/questions/how-do-i-upgrade-my-stripe-integration-from-tls-1-0-to-tls-1-2#php

The following was produced:

TLS 1.2 is not supported. You will need to upgrade your integration.

4. Since the server is running Ubuntu (cat /etc/*-release) I then upgraded the OpenSSL version:

https://support.stripe.com/questions/how-do-i-upgrade-my-openssl-to-support-tls-1-2

With the following commands:

    sudo apt-get update && sudo apt-get install --only-upgrade openssl
    sudo apt-get update && sudo apt-get install --only-upgrade libssl-dev

Since these packages were in their latest version in the server, I decided to have another look into the Stripe's zip file structure and found out that when I unzipped the files, the path to ca-certificates.crt was not the same as the one in Stripe.php (which was causing the issue).

Answer 2

You will get this error if you do not have your CA bundle configured correctly.

You can use the following before making your charge calls to get around this.

\Stripe\Stripe::setVerifySslCerts(false);

This will leave your traffic, including client PII, vulnerable to interception and/or tampering.

Answer 3

Not sure, but your code might be working. The issue is they require encrypted communication accomplished by certificate files which you either haven't set (in the library itself, SDKs often work like this) when using the library or the path is unparseable (mixed forward / and back \ slashes).