PayPal IPN Integration – SSL Connection Reset By Peer

PayPal IntegrationWhen integrating PayPal payment processing into a web application, one of the common errors is “SSL: Connection Reset By Peer.” This cryptic error message can be challenging to fix without the correct set of headers.

First a little background information about the role of PayPal IPN in the payment processing. The straightforward implementation of PayPal credit card processing is to add a button on the payment page that redirects to PayPal’s site for the payment processing. This helps alleviate security concerns by separating the site from the stringent PCI data security requirements. On successful completion of purchase, PayPal will redirect back to the originating site for the order receipt.

The challenge with this simpler implementation is that the source website has no confirmation that the product was actually purchased. While confirmation can be returned in post-back, the reality is that this can be spoofed by malicious clients.

PayPal’s solution to this dilemma is the introduction of the IPN utility. IPN stands for “Instant Payment Notification”, where the source website is notified in the back-end every time a payment is successfully processed. This way, the website receives a confirmation “behind the scenes”, and this confirmation cannot be spoofed due to the two-factor authentication.

The “SSL: Connection Reset By Peer” error occurs during the second part of the authentication. When the back-end page sends a direct request to PayPal to verify the validity of the order information, PayPal will ignore the request and send back this error message.

This error is due to unannounced changes in PayPal’s protocol – and even the examples in PayPal’s own documentation fail. The solution is to add two headers to the standard POST packet as follows:

$header = "POST /cgi-bin/webscr HTTP/1.1\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n";
$header .= "Connection: Close\r\n";
$header .= "Host: www.paypal.com\r\n\r\n"; //use www.sandbox.paypal.com for test

If using the sandbox server, the final “host” line should list the sandbox SSL URL instead of the production PayPal URL. Also be sure to keep the correct alignment of line breaks – each header line should have one line break, except for the last line, which should have two line breaks.

This code will enable the HTTP 1.1 protocol on the POST packet, and make sure that the headers pass current PayPal verification standards.

Written by Andrew Palczewski

About the Author
Andrew Palczewski is CEO of apHarmony, a Chicago software development company. He holds a Master's degree in Computer Engineering from the University of Illinois at Urbana-Champaign and has over ten years' experience in managing development of software projects.
Google+

RSS Twitter LinkedIn Facebook Email

2 thoughts on “PayPal IPN Integration – SSL Connection Reset By Peer”

  1. I tried to sign up last year using my Taiwanese credit card, but after the first month, it rufseed the autopaypal charge the next month and I got an email stating that Majority.fm canceled my account. It took me a while to work out what happened. Apparently my issuing bank expects me to call them every month before the automatic charge takes place, on that day, so they can allow it. I’m told that as a foreigner living in Taiwan, I’m lucky to have a credit card at all. Anyway, I did some jiujitsu and set up a PayPal account on a joint bank account with my father in the US, for the sole purpose of making my meager $10 monthly membership contribution (btw I’ve been unemployed for the last 8 months), and I have to transfer money monthly from my local bank to the US, again to accomplish this goal. BUT IT’S WORTH IT. That Thomas Frank interview from last week was just another example of what makes your show so valuable. Oh, btw, I owe you some money for members-only podcasts over the last 6 months or so that I technically shouldn’t have had access to, but I think I can make that up in individual contributions here and there. I’m sorry for having gamed the system for so long, but I’ll make good on it and I’m glad to finally have what appears to be a working monthly contribution thing set up and functioning.

  2. I’m not sure the place you are getting your info, however
    good topic. I must spend a while studying much
    more or understanding more. Thank you for wonderful info I used to be in search of this info for my mission. viagra 100mg

Leave a Reply

Your email address will not be published. Required fields are marked *