Worldpay: remote host closed connection during handshakeAuthor: Martin Wallace
Around 4pm yesterday one of our clients began receiving error notifications from Worldpay.
The message was:
Our systems have detected that your callback has failed.
This callback failure means we were unable to pass information
to your server about the following transaction:
Transaction ID: 1111111111
Cart ID: 1111111111111
Installation ID: 1111111
Error reported: Callback to: https://example.com: failed CAUSED BY Remote host closed connection during handshake
Server Reference: 11111-11-1111:callbackFailureEmail-11111:11111111-11-11
Also, if you usually return a response page for us to display to the Shopper within the time allowed (1 minute), this will not have been displayed.
Googling the error “Remote host closed connection during handshake” shows that the message relates to the requesting service’s handling of SSL certificates.
We hadn’t changed the client’s SSL cert for over a year. We had not deployed any recent software updates for the client, and we could see that multiple other payment processors, used by this system, were connecting to our server without issue. There were no errors in our server’s Event Log or in the app’s Logentries records.
We contacted Worldpay support, who were very helpful. They told us that SSL certs are cached on their systems, and can be cached for a long time (i.e. over a year). They also said their systems can’t handle SNI.
So what seems to have happened was that Worldpay’s certificate cache was refreshed yesterday around 4pm. Our client’s year-old certificate, which uses SNI, was loaded by Worldpay, and all subsequent connections from Worldpay failed.
Options to fix this include (a) get a new non-SNI certificate and (b) change the callback URL to use HTTP.
Hopefully this post will assist if someone else experiences this issue.