Payment & Integrated Shipper Gateway Config Data cleared
-
- Lieutenant Commander (LCDR)
- Posts: 95
- Joined: Sun Oct 04, 2015 5:45 pm
Payment & Integrated Shipper Gateway Config Data cleared
We've had a problem that has occurred twice now.
Sometimes when we reboot the server, our integrated shipper gateway settings and payment gateway settings are cleared and no orders can go through since customers are unable to pay or get shipping methods.
Looking in the database, it appears that the ConfigData column on ac_PaymentGateways & ac_ShipGateways seems to be encrypted.
However, ReCrypt is set to 0 on the rows and when I re-enter my settings on the admin pages, the data in the column saves unencrypted.
It seems like able is encrypting the data in the column possibly for some reason on startup, but is then unable to load the settings because it doesn't expect them to be encrypted.
This is just a guess however.
Can anyone shed any light on what is going on and how to fix it?
I am running AbleCommerce GoldR10SR1 (build 8620)
Additionally this didn't seem to be a problem. We recently installed some patches for GoldR10 and it seems to have started sometime after those patches were installed.
Thanks
Sometimes when we reboot the server, our integrated shipper gateway settings and payment gateway settings are cleared and no orders can go through since customers are unable to pay or get shipping methods.
Looking in the database, it appears that the ConfigData column on ac_PaymentGateways & ac_ShipGateways seems to be encrypted.
However, ReCrypt is set to 0 on the rows and when I re-enter my settings on the admin pages, the data in the column saves unencrypted.
It seems like able is encrypting the data in the column possibly for some reason on startup, but is then unable to load the settings because it doesn't expect them to be encrypted.
This is just a guess however.
Can anyone shed any light on what is going on and how to fix it?
I am running AbleCommerce GoldR10SR1 (build 8620)
Additionally this didn't seem to be a problem. We recently installed some patches for GoldR10 and it seems to have started sometime after those patches were installed.
Thanks
-
- Commodore (COMO)
- Posts: 436
- Joined: Tue May 07, 2013 1:59 pm
Re: Payment & Integrated Shipper Gateway Config Data cleared
That sounds similar to the problem a few people (including me) have run into that requires a machine key to be set in the web.config file if an encryption key is set. There is a brief mention of it on the R11 upgrade page (http://help.ablecommerce.com/#t=upgrade ... ld_R11.htm)
The actual page I quoted has a link you can click on "specify a machine key" that gives instructions, but it can also be done from within IIS Manager. I thought one of my posts on here somewhere had instructions for how to do it in IIS Manager, but I didn't find it after a quick search. I'll post an update if I find it.
In general, you'd want to:
1. Go into Configure > Security > Encryption Key and remove the encryption (set Random Text to "DECRYPT", click "Change Encryption Key" button)
2. Wait for decryption to finish
3. Shut down IIS
4. Put your machine key in web.config
5. Start IIS
6. Go into Configure > Security > Encryption Key and enable the encryption
7. Wait for encryption to finish
The wrinkle is that if you have AC set to store credit card info, that old data may already be unreadable if it was encrypted with a "lost" key. Also, it could take some time to remove encryption and enable encryption, as it will go through all of those records. As always, backups (and/or server snapshots if you are running on a VM) are your friend!
This all assumes that you have encryption enabled. If you don't (which you may not if your ConfigData fields aren't encrypted after you enter them again), not sure if it is related to this or is something different.
In my case, the Load User Profile setting didn't seem to help.7) Post-Upgrade Instructions and Information
IMPORTANT INFORMATION REGARDING NEW ENCRYPTION
If you experience a problem with the (payment, tax, or shipping) gateway configuration data disappearing after the server is restarted or application pool recycled, then follow one of the two remedies below.
The extra protection code for encryption key requires the Load User Profile setting to be enabled for the Application Pool. In order to solve above problem either this setting must be enabled or one must specify a machine key in web.config.
The actual page I quoted has a link you can click on "specify a machine key" that gives instructions, but it can also be done from within IIS Manager. I thought one of my posts on here somewhere had instructions for how to do it in IIS Manager, but I didn't find it after a quick search. I'll post an update if I find it.
In general, you'd want to:
1. Go into Configure > Security > Encryption Key and remove the encryption (set Random Text to "DECRYPT", click "Change Encryption Key" button)
2. Wait for decryption to finish
3. Shut down IIS
4. Put your machine key in web.config
5. Start IIS
6. Go into Configure > Security > Encryption Key and enable the encryption
7. Wait for encryption to finish
The wrinkle is that if you have AC set to store credit card info, that old data may already be unreadable if it was encrypted with a "lost" key. Also, it could take some time to remove encryption and enable encryption, as it will go through all of those records. As always, backups (and/or server snapshots if you are running on a VM) are your friend!
This all assumes that you have encryption enabled. If you don't (which you may not if your ConfigData fields aren't encrypted after you enter them again), not sure if it is related to this or is something different.
Jay
-
- Commodore (COMO)
- Posts: 436
- Joined: Tue May 07, 2013 1:59 pm
Re: Payment & Integrated Shipper Gateway Config Data cleared
OK, below is what I have in my deployment notes for creating a machine key in IIS Manager. Maybe I never posted it here. Keep a copy of the machine key (or the whole web.config) and your AC encryption key (Use the Get Backup button on the Configure > Security > Encryption Key page after you encrypt). If your IIS server crashes and you lose the the site files, you'll want both so you can make sure a new AC install will be able to read the encrypted data in the database.
Use IIS Manager to add a new machineKey (Select the site, double-click Machine Key in the ASP.NET section, uncheck all checkboxes, click Generate Keys, click Apply)
Jay
-
- Lieutenant Commander (LCDR)
- Posts: 95
- Joined: Sun Oct 04, 2015 5:45 pm
Re: Payment & Integrated Shipper Gateway Config Data cleared
Thanks for the information.
That does sound very similar to what I am experiencing.
The only difference is that I am still running R10 and not R11.
However I did recently install some patches provided by AbleCommerce to fix SQL Injection issues reported by PCI Compliance scan.
I wonder if the patches contained some of the new encryption logic from R11 and that is causing this issue.
Maybe someone from Able can chime in on whether following the steps in jguengerich's link is the appropriate solution for R10 as well.
That does sound very similar to what I am experiencing.
The only difference is that I am still running R10 and not R11.
However I did recently install some patches provided by AbleCommerce to fix SQL Injection issues reported by PCI Compliance scan.
I wonder if the patches contained some of the new encryption logic from R11 and that is causing this issue.
Maybe someone from Able can chime in on whether following the steps in jguengerich's link is the appropriate solution for R10 as well.
-
- Commodore (COMO)
- Posts: 436
- Joined: Tue May 07, 2013 1:59 pm
Re: Payment & Integrated Shipper Gateway Config Data cleared
In the other threads about it on here, Katie (from Able) has stated that this issue doesn't affect everyone, and they have been unable to figure out what the unique set of circumstances/configurations it is that causes it to be a problem for some people.
Jay
-
- Lieutenant Commander (LCDR)
- Posts: 95
- Joined: Sun Oct 04, 2015 5:45 pm
Re: Payment & Integrated Shipper Gateway Config Data cleared
I just wanted to check in again to see if there is an official response from AbleCommerce.
Jguengerich helped explain the problem very well above, but his information applies to R11. (Thanks again for your help jguengerich)
Since I'm still running R10, but this issue didn't begin until after a recent patch for PCI Compliance SQL injection, I'm guessing whatever is causing the issue in R11 was also in the patch I applied for R10.
I can follow the steps recommended above, but since they are for a different version and every time the settings get wiped our users cannot place orders, I really want to get some feedback from AbleCommerce that this fix will work on R10 as well.
Jguengerich helped explain the problem very well above, but his information applies to R11. (Thanks again for your help jguengerich)
Since I'm still running R10, but this issue didn't begin until after a recent patch for PCI Compliance SQL injection, I'm guessing whatever is causing the issue in R11 was also in the patch I applied for R10.
I can follow the steps recommended above, but since they are for a different version and every time the settings get wiped our users cannot place orders, I really want to get some feedback from AbleCommerce that this fix will work on R10 as well.
Re: Payment & Integrated Shipper Gateway Config Data cleared
Code: Select all
but this issue didn't begin until after a recent patch for PCI Compliance SQL injection.
Thanks
Katie
Thank you for choosing AbleCommerce!
http://help.ablecommerce.com - product support
http://wiki.ablecommerce.com - developer support
http://help.ablecommerce.com - product support
http://wiki.ablecommerce.com - developer support
-
- Lieutenant Commander (LCDR)
- Posts: 95
- Joined: Sun Oct 04, 2015 5:45 pm
Re: Payment & Integrated Shipper Gateway Config Data cleared
I want to thank jguengerich for answering this question.
Katie and Mike have both chimed in to confirm setting a machineKey in the web.config is the correct solution in R10 as well.
After setting the machineKey I am able to restart the server again without losing all of my settings.
We never had to use a machine key previously, but it seems the patch changed something so it is now required.
Thanks again for all of your help and thanks to Katie as always for the help she provides.
Katie and Mike have both chimed in to confirm setting a machineKey in the web.config is the correct solution in R10 as well.
After setting the machineKey I am able to restart the server again without losing all of my settings.
We never had to use a machine key previously, but it seems the patch changed something so it is now required.
Thanks again for all of your help and thanks to Katie as always for the help she provides.
-
- Commodore (COMO)
- Posts: 436
- Joined: Tue May 07, 2013 1:59 pm
Re: Payment & Integrated Shipper Gateway Config Data cleared
Glad you got it working. Another possible cause would be applying Windows Updates to the web server.
Jay
Re: Payment & Integrated Shipper Gateway Config Data cleared
I think Jay has helped enough on this issue, and that we better get an official document put together on how to fix the issue and install a machine key.
http://help.ablecommerce.com/index.htm# ... lletin.htm
Thanks Jay for your help. Hopefully this document will be of use.
Katie
http://help.ablecommerce.com/index.htm# ... lletin.htm
Thanks Jay for your help. Hopefully this document will be of use.
Katie
Thank you for choosing AbleCommerce!
http://help.ablecommerce.com - product support
http://wiki.ablecommerce.com - developer support
http://help.ablecommerce.com - product support
http://wiki.ablecommerce.com - developer support