Payment & Integrated Shipper Gateway Config Data cleared

For general questions and discussions specific to the AbleCommerce GOLD ASP.Net shopping cart software.
Post Reply
dandersonMLT
Lieutenant Commander (LCDR)
Lieutenant Commander (LCDR)
Posts: 95
Joined: Sun Oct 04, 2015 5:45 pm

Payment & Integrated Shipper Gateway Config Data cleared

Post by dandersonMLT » Thu Nov 09, 2017 3:17 am

We've had a problem that has occurred twice now.
Sometimes when we reboot the server, our integrated shipper gateway settings and payment gateway settings are cleared and no orders can go through since customers are unable to pay or get shipping methods.

Looking in the database, it appears that the ConfigData column on ac_PaymentGateways & ac_ShipGateways seems to be encrypted.
However, ReCrypt is set to 0 on the rows and when I re-enter my settings on the admin pages, the data in the column saves unencrypted.

It seems like able is encrypting the data in the column possibly for some reason on startup, but is then unable to load the settings because it doesn't expect them to be encrypted.
This is just a guess however.

Can anyone shed any light on what is going on and how to fix it?

I am running AbleCommerce GoldR10SR1 (build 8620)

Additionally this didn't seem to be a problem. We recently installed some patches for GoldR10 and it seems to have started sometime after those patches were installed.

Thanks

jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by jguengerich » Thu Nov 09, 2017 9:57 am

That sounds similar to the problem a few people (including me) have run into that requires a machine key to be set in the web.config file if an encryption key is set. There is a brief mention of it on the R11 upgrade page (http://help.ablecommerce.com/#t=upgrade ... ld_R11.htm)
7) Post-Upgrade Instructions and Information

IMPORTANT INFORMATION REGARDING NEW ENCRYPTION

If you experience a problem with the (payment, tax, or shipping) gateway configuration data disappearing after the server is restarted or application pool recycled, then follow one of the two remedies below.

The extra protection code for encryption key requires the Load User Profile setting to be enabled for the Application Pool. In order to solve above problem either this setting must be enabled or one must specify a machine key in web.config.
In my case, the Load User Profile setting didn't seem to help.
The actual page I quoted has a link you can click on "specify a machine key" that gives instructions, but it can also be done from within IIS Manager. I thought one of my posts on here somewhere had instructions for how to do it in IIS Manager, but I didn't find it after a quick search. I'll post an update if I find it.
In general, you'd want to:
1. Go into Configure > Security > Encryption Key and remove the encryption (set Random Text to "DECRYPT", click "Change Encryption Key" button)
2. Wait for decryption to finish
3. Shut down IIS
4. Put your machine key in web.config
5. Start IIS
6. Go into Configure > Security > Encryption Key and enable the encryption
7. Wait for encryption to finish
The wrinkle is that if you have AC set to store credit card info, that old data may already be unreadable if it was encrypted with a "lost" key. Also, it could take some time to remove encryption and enable encryption, as it will go through all of those records. As always, backups (and/or server snapshots if you are running on a VM) are your friend!
This all assumes that you have encryption enabled. If you don't (which you may not if your ConfigData fields aren't encrypted after you enter them again), not sure if it is related to this or is something different.
Jay

jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by jguengerich » Thu Nov 09, 2017 10:10 am

OK, below is what I have in my deployment notes for creating a machine key in IIS Manager. Maybe I never posted it here. Keep a copy of the machine key (or the whole web.config) and your AC encryption key (Use the Get Backup button on the Configure > Security > Encryption Key page after you encrypt). If your IIS server crashes and you lose the the site files, you'll want both so you can make sure a new AC install will be able to read the encrypted data in the database.
Use IIS Manager to add a new machineKey (Select the site, double-click Machine Key in the ASP.NET section, uncheck all checkboxes, click Generate Keys, click Apply)
Jay

dandersonMLT
Lieutenant Commander (LCDR)
Lieutenant Commander (LCDR)
Posts: 95
Joined: Sun Oct 04, 2015 5:45 pm

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by dandersonMLT » Thu Nov 09, 2017 10:24 am

Thanks for the information.
That does sound very similar to what I am experiencing.

The only difference is that I am still running R10 and not R11.

However I did recently install some patches provided by AbleCommerce to fix SQL Injection issues reported by PCI Compliance scan.
I wonder if the patches contained some of the new encryption logic from R11 and that is causing this issue.

Maybe someone from Able can chime in on whether following the steps in jguengerich's link is the appropriate solution for R10 as well.

jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by jguengerich » Thu Nov 09, 2017 10:27 am

In the other threads about it on here, Katie (from Able) has stated that this issue doesn't affect everyone, and they have been unable to figure out what the unique set of circumstances/configurations it is that causes it to be a problem for some people.
Jay

dandersonMLT
Lieutenant Commander (LCDR)
Lieutenant Commander (LCDR)
Posts: 95
Joined: Sun Oct 04, 2015 5:45 pm

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by dandersonMLT » Tue Nov 14, 2017 2:45 am

I just wanted to check in again to see if there is an official response from AbleCommerce.

Jguengerich helped explain the problem very well above, but his information applies to R11. (Thanks again for your help jguengerich)

Since I'm still running R10, but this issue didn't begin until after a recent patch for PCI Compliance SQL injection, I'm guessing whatever is causing the issue in R11 was also in the patch I applied for R10.

I can follow the steps recommended above, but since they are for a different version and every time the settings get wiped our users cannot place orders, I really want to get some feedback from AbleCommerce that this fix will work on R10 as well.

User avatar
Katie
AbleCommerce Admin
AbleCommerce Admin
Posts: 2651
Joined: Tue Dec 02, 2003 1:54 am
Contact:

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by Katie » Mon Nov 20, 2017 12:00 am

Code: Select all

but this issue didn't begin until after a recent patch for PCI Compliance SQL injection.
When you applied the patch, did you make a backup of your main web.config by chance? My best guess is that you had a machine key already set in the web.config, and the patch included a new web.config which was used to copy over your original. Just set a machine key if you haven't done so already.

Thanks
Katie
Thank you for choosing AbleCommerce!

http://help.ablecommerce.com - product support
http://wiki.ablecommerce.com - developer support

dandersonMLT
Lieutenant Commander (LCDR)
Lieutenant Commander (LCDR)
Posts: 95
Joined: Sun Oct 04, 2015 5:45 pm

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by dandersonMLT » Mon Nov 20, 2017 5:34 pm

I want to thank jguengerich for answering this question.
Katie and Mike have both chimed in to confirm setting a machineKey in the web.config is the correct solution in R10 as well.

After setting the machineKey I am able to restart the server again without losing all of my settings.

We never had to use a machine key previously, but it seems the patch changed something so it is now required.

Thanks again for all of your help and thanks to Katie as always for the help she provides.

jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by jguengerich » Tue Nov 21, 2017 2:12 am

Glad you got it working. Another possible cause would be applying Windows Updates to the web server.
Jay

User avatar
Katie
AbleCommerce Admin
AbleCommerce Admin
Posts: 2651
Joined: Tue Dec 02, 2003 1:54 am
Contact:

Re: Payment & Integrated Shipper Gateway Config Data cleared

Post by Katie » Mon Nov 27, 2017 9:56 am

I think Jay has helped enough on this issue, and that we better get an official document put together on how to fix the issue and install a machine key.

http://help.ablecommerce.com/index.htm# ... lletin.htm

Thanks Jay for your help. Hopefully this document will be of use.

Katie
Thank you for choosing AbleCommerce!

http://help.ablecommerce.com - product support
http://wiki.ablecommerce.com - developer support

Post Reply