Sashaank

Reputation: 964

Privacy error using pythonanywhere ssl certificate

I have a payment gateway in my web-app that requires an SSL certificate to work properly.

The web-app is a Django web-app hosted at PythonAnywhere. I used their auto-renewing Let's Encrypt certificate to add an SSL certificate and make the website load as an HTTPS website.

The website now loads as an HTTPS website, but when exiting the payment gateway I still get a Privacy error as follows:

Your connection is not private
Attackers might be trying to steal your information from <my domain> (for example, passwords, messages or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID

I am not sure what I am doing wrong.

[EDIT-1]

  1. I am using a custom domain that I bought from GoDaddy
  2. I followed this link to setup the SSL certificate
  3. I have also enabled forcing-https in pythonanywhere.
  4. I changed the callback URL in my views from http://<my_domain>.org/payment/status/ to https://<my_domain>.org/payment/status/
  5. The callback url page does not contain any http links. Just a css file as follows <link rel="stylesheet" href="{% static 'css/paymentstatus.css' %}">

Please note that when I visit the website, it shows as https. It is only when the callback URL is called that it returns the Privacy error.

I did not face this error when I tried it in my local system with ngrok. This error occurs only with pythonanywhere.

[EDIT-2]

nslookup mydomain.org

▶ nslookup mydomain.org
Server:     2405:201:e011:3804::c0a8:1d01
Address:    2405:201:e011:3804::c0a8:1d01#53

Non-authoritative answer:
Name:   mydomain.org
Address: IP_ADDRESS

dig mydomain.org

▶ dig mydomain.org
; <<>> DiG 9.10.6 <<>> mydomain.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8056
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.org.      IN  A

;; ANSWER SECTION:
mydomain.org.   225 IN  A   IP_ADDRESS

;; Query time: 2 msec
;; SERVER: 2405:201:e011:3804::c0a8:1d01#53(2405:201:e011:3804::c0a8:1d01)
;; WHEN: Fri Jan 15 14:18:23 IST 2021
;; MSG SIZE  rcvd: 51

[EDIT-3]

I changed the URL from https://<my_domain>.org/ to https://www.<my_domain>.org/. This leads to a 404 error. I have added my views.py and urls.py below.

views.py

from django.http import HttpResponseNotAllowed
from django.shortcuts import render
from django.views.decorators.csrf import csrf_exempt

# Assumed to be defined elsewhere in the project (not shown in the post):
# DonateForm, OrdID, CustID, MERCHANTID, MERCHANTKEY and Paytm's Checksum module.


def donate(request):
    if request.method == "POST":
        form = DonateForm(request.POST)

        name = request.POST.get('firstName')
        phone = request.POST.get('phone')
        email = request.POST.get('email')
        amount = float("{0:.2f}".format(int(request.POST.get('amount'))))
        ord_id = OrdID()
        cust_id = CustID()

        paytm_params = {
            "MID" : MERCHANTID,
            "WEBSITE" : "DEFAULT",
            "INDUSTRY_TYPE_ID" : "Retail",
            "CHANNEL_ID" : "WEB",
            "ORDER_ID" : ord_id,
            "CUST_ID" : cust_id,
            "MOBILE_NO" : phone,
            "EMAIL" : email,
            "TXN_AMOUNT" : str(amount),
            # The gateway POSTs the result here; it must match a route in urls.py exactly.
            "CALLBACK_URL" : "https://www.<my_domain>.org/payment/status/",
        }

        # Checksum over the request parameters, keyed with the merchant key.
        paytm_params['CHECKSUMHASH'] = Checksum.generate_checksum(paytm_params, MERCHANTKEY)

        if form.is_valid():
            form.save()

        return render(request, 'paytm.html', {'paytm_params': paytm_params})

    else:
        form = DonateForm()
        context = {'Donate': form}
        return render(request, 'donate.html', context=context)


# The gateway POSTs to this URL from its own origin, so no Django CSRF token is
# present; the checksum verification below is what authenticates the callback.
@csrf_exempt
def handlerequest(request):
    if request.method != "POST":
        return HttpResponseNotAllowed(["POST"])

    form = request.POST
    response_dict = {}

    for i in form.keys():
        response_dict[i] = form[i]

    # Read CHECKSUMHASH explicitly: a callback that omits it must fail
    # verification rather than raise NameError on an unbound variable.
    checksum = form.get('CHECKSUMHASH', '')
    print(checksum)

    verify = Checksum.verify_checksum(response_dict, MERCHANTKEY, checksum)

    if verify:
        if response_dict.get('RESPCODE') == '01':
            print('order successful')
        else:
            print('error: ' + response_dict.get('RESPMSG', ''))

    # The status page is rendered even when verify is False, so the template must
    # not present an unverified RESPCODE as a successful payment.
    return render(request, 'paymentstatus.html', {'response': response_dict})

urls.py

from django.urls import path
from . import views

urlpatterns = [

    ...

    path('donate', views.donate, name='donate'),
    # No trailing slash: a request to /payment/status/ does not match this route.
    path('payment/status', views.handlerequest, name='handlerequest'),

    ...
]

[SOLUTION]

Firstly, adding the www. to the URL, as the answer indicates, was the issue. The 404 error was solved like this.

It turns out the path in views and the path in urls should be the same. This solved the issue for me.


def donate(request):

    ...

    paytm_params = {
            "MID" : MERCHANTID,
            "WEBSITE" : "DEFAULT",
            "INDUSTRY_TYPE_ID" : "Retail",
            "CHANNEL_ID" : "WEB",
            "ORDER_ID" : ord_id,
            "CUST_ID" : cust_id,
            "MOBILE_NO" : phone,
            "EMAIL" : email,
            "TXN_AMOUNT" : str(amount),
            "CALLBACK_URL" : "https://www.<my_domain>.org/payment/status",
    
    ...

urls.py

urlpatterns = [

    ...

    path('donate', views.donate, name='donate'),
    path('payment/status', views.handlerequest, name='handlerequest'),

    ...
]

Note that in urls.py the path is payment/status. Previously, in views, the path had a slash at the end, like this: https://www.<my_domain>.org/payment/status/. Removing the trailing slash worked for me.

Upvotes: 0

Views: 567
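The 404 in [EDIT-3] and the fix in [SOLUTION] follow from how Django matches routes. The block below is an added example written for this page, not Django's code or the poster's: a small model of path() matching (each literal route compiles to an anchored regex) and of CommonMiddleware's APPEND_SLASH handling, with the poster's two routes as the URL table. The status codes dispatch() returns are what Django would produce under the assumptions stated in the comments.

```python
"""Why /payment/status/ returned 404 while /payment/status worked (added example).

Model of Django's route matching and APPEND_SLASH behaviour; not Django's own code.
"""
import re

# The poster's urls.py, reduced to (route, view name) pairs.
URLPATTERNS = [
    ("donate", "donate"),
    ("payment/status", "handlerequest"),
]


def compile_route(route: str):
    """Compile a literal path()-style route the way Django's RoutePattern does:
    escape it and anchor it at both ends, so the match must be exact."""
    return re.compile("^" + re.escape(route) + r"\Z")


def resolve(path: str, patterns=URLPATTERNS):
    """Return the view name whose route matches path (leading '/' removed), or None."""
    relative = path.lstrip("/")
    for route, view in patterns:
        if compile_route(route).match(relative):
            return view
    return None


def dispatch(method: str, path: str, patterns=URLPATTERNS, append_slash=True, debug=False):
    """Status code the request would get.

    APPEND_SLASH only ever *adds* a slash: an unmatched path without one is
    redirected (301) to the slashed form when that form resolves. A path that
    already ends in '/' is never redirected, so it just 404s when no route
    matches it. With DEBUG=True Django raises instead of redirecting a POST,
    because the redirect would discard the body.
    """
    if resolve(path, patterns):
        return 200
    if append_slash and not path.endswith("/") and resolve(path + "/", patterns):
        if debug and method in ("POST", "PUT", "PATCH"):
            raise RuntimeError("APPEND_SLASH redirect would drop the %s body" % method)
        return 301
    return 404


if __name__ == "__main__":
    # The poster's situation: route without slash, callback URL with one.
    print("POST /payment/status  ->", dispatch("POST", "/payment/status"))   # 200
    print("POST /payment/status/ ->", dispatch("POST", "/payment/status/"))  # 404
```

The asymmetry also carries a caveat for a payment callback: if the route had been declared as 'payment/status/' and the gateway posted to /payment/status, Django would answer with a 301, and the gateway's retry would arrive as a GET without the POST parameters. The callback URL handed to the gateway must therefore match the route exactly, not merely up to APPEND_SLASH.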

Answers (2)

Giles Thomas

Reputation: 5867

If your site is set up on PythonAnywhere, it's probably at https://www.<my_domain>.org/, not https://<my_domain>.org/. So if your callback URL does not include the www. at the start, then try adding it and see if that fixes the problem.

Upvotes: 1
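NET::ERR_CERT_COMMON_NAME_INVALID is the browser saying that none of the certificate's subjectAltName dNSName entries match the hostname in the address bar; a Let's Encrypt certificate issued for www.<my_domain>.org does not cover the bare <my_domain>.org. The block below is an added example for this page (not PythonAnywhere's or the poster's code) that implements that matching rule over the dict shape returned by ssl.getpeercert(), so the mismatch can be reproduced offline with constructed certificates and, optionally, checked against a live host. The hostnames example.org and www.example.org are placeholders.

```python
"""Check whether a server certificate covers a hostname (added example).

Browsers accept a certificate for the requested hostname only if it matches a
subjectAltName dNSName entry; the Subject CN is ignored. So a certificate for
www.example.org alone fails for example.org with ERR_CERT_COMMON_NAME_INVALID.
"""
import socket
import ssl

# Constructed samples in the shape ssl.SSLSocket.getpeercert() returns.
# Not real certificates; hostnames are placeholders.
SAMPLE_WWW_ONLY_CERT = {
    "subject": ((("commonName", "www.example.org"),),),
    "subjectAltName": (("DNS", "www.example.org"),),
}
SAMPLE_BOTH_CERT = {
    "subject": ((("commonName", "example.org"),),),
    "subjectAltName": (("DNS", "example.org"), ("DNS", "www.example.org")),
}


def _dns_name_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style match of one dNSName pattern against a hostname.

    A wildcard is honoured only as the entire left-most label: *.example.org
    matches www.example.org but not example.org or a.b.example.org.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if len(p_labels) != len(h_labels) or len(h_labels) < 3:
        return False
    return h_labels[0] != "" and p_labels[1:] == h_labels[1:]


def cert_covers_hostname(cert: dict, hostname: str) -> bool:
    """True if hostname matches a DNS subjectAltName entry of cert.

    Only SAN entries are consulted, mirroring browsers; a certificate with no
    SAN covers nothing, whatever its CN says.
    """
    sans = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    return any(_dns_name_matches(san, hostname) for san in sans)


def diagnose(cert: dict, hostnames):
    """Map each candidate hostname to whether cert is valid for it."""
    return {h: cert_covers_hostname(cert, h) for h in hostnames}


def fetch_peer_cert(hostname: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Fetch the leaf certificate a live server presents for hostname.

    check_hostname is switched off so a mismatching certificate can still be
    inspected; the chain is still validated against the system trust store.
    Requires network access, so it is not called in the offline demo below.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    with socket.create_connection((hostname, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    # Offline: the poster's symptom reproduced with the constructed certificate.
    print(diagnose(SAMPLE_WWW_ONLY_CERT, ["example.org", "www.example.org"]))
    # Live check against a real host (uncomment to run):
    # host = "www.example.org"
    # print(diagnose(fetch_peer_cert(host), [host, host.removeprefix("www.")]))
```

Run the live variant against both the bare domain and the www. form; if only one of them comes back True, the fix is either to use that hostname in the callback URL (as the answer suggests) or to have a certificate issued that lists both names.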

Ahmed Shehab

Reputation: 1867

I will just guess now:

  • either the DNS needs some time to propagate with the payment provider DNS database

inside terminal

# check NS record
nslookup yourdomain.org
# try to force refresh for few times
dig yourdomain.org

Please share the output.

  • or, what concerns me the most, you are using a CDN service or loading assets served on http inside your https

  • in the browser, to the left, click on the lock icon and check the certificate; if everything looks good you have to get in touch with their support again to force refresh their DNS. Normally it takes some time to work automatically.

Upvotes: 0
