Order Management, post response to "myshopify.com"

jmmc
Tourist
9 0 2

Hello

I am using Order Management from a Gateway already connected to shopify.

So the flow or order management is that when a Store tries to capture or post a transaction, Shopify first connects to our Gateway and posts the transaction. As per shopify requirements, Gateway does not replies the result within that same message and only requires Gateways to send a 200 reply (or "ok"). Shopify requires Gateway to send a post transaction to a url that we get on the previous request (usually ****.myshopify.com). 

So issue we are having is that we get a "The request was aborted: Could not create SSL/TLS secure channel." message. On the server that is creating the request we can navigate perfectly to the store, so we are sure we have the correct ciphers as client, correct protocols as client (tls 1.2)

Is it possible to review this from shopify's side for our requests?

I see that ciphers published by myshopify.com are the following, but we do support them and being able to use from browser shows me that.

 

Cipher Suites
 

 

# TLS 1.3 (server has no preference)
TLS_AES_128_GCM_SHA256 (0x1301)   ECDH x25519 (eq. 3072 bits RSA)   FS128
TLS_AES_256_GCM_SHA384 (0x1302)   ECDH x25519 (eq. 3072 bits RSA)   FS256
TLS_CHACHA20_POLY1305_SHA256 (0x1303)   ECDH x25519 (eq. 3072 bits RSA)   FS256
 

 

# TLS 1.2 (suites in server-preferred order)
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)   ECDH x25519 (eq. 3072 bits RSA)   FS128
OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc14)   ECDH x25519 (eq. 3072 bits RSA)   FS256P
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)   ECDH x25519 (eq. 3072 bits RSA)   FS256P
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK128
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)   ECDH x25519 (eq. 3072 bits RSA)   FS256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH x25519 (eq. 3072 bits RSA)   FS128
OLD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc13)   ECDH x25519 (eq. 3072 bits RSA)   FS256P
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)   ECDH x25519 (eq. 3072 bits RSA)   FS256P
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK128
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)   WEAK128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)   WEAK128
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)   WEAK128
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH x25519 (eq. 3072 bits RSA)   FS256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK256
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)   WEAK256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)   WEAK256
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)   WEAK256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)   ECDH secp256r1 (eq. 3072 bits RSA)   FS   WEAK128
(P) This server prefers ChaCha20 suites with clients that don't have AES-NI (e.g., Android devices)
0 Likes
_JB
Shopify Staff
Shopify Staff
750 86 163

Hey @jmmc,

This question comes up somewhat frequently, and upgrading to TLS 1.2 usually fixes it. I'm happy to look at our logs for any information, but connection issues like this usually don't hit Shopify's servers. Do you have any requests where Shopify responded with an X-Request-ID value in the headers?

JB | Developer Support @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

0 Likes