RIO or Server 2016 R2 Problem

[KimHJ 3]

I have a rest server module that process credit cards. It is running on a Windows 2016 R2 server in the cloud since February 2021 with no problems.

I have two different processor in the module, one works fine the other stopped working end of February 2025 and I can't find out why. They booth works fine on my Windows 10 computer.

Both processors uses TLS1.2 and I checked using the Nartac ISS Crypto 3.3 and it show that TLS1.2 is the only valid protocol.

On the server using IE I get this when I enter https://secure.usaepay.com/soap/gate/BBLQPYNC/usaepay.wsdl

<!--  USAePay Soap Interface - v1.6 (RPC)  -->
<!--  WSDL file generated painstakingly by hand  -->
<!--  For further documentation on the USAePay API
     Please visit http://help.usaepay.com/developer/soap
  -->
<definitions xmlns:typens="urn:usaepay" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns="http://schemas.xmlsoap.org/wsdl/" name="usaepay" targetNamespace="urn:usaepay">
...
</definitions>

When I enter this WSDL: https://ps1.merchantware.net/Merchantware/ws/RetailTransaction/v45/Credit.asmx I get this. (Imported to Delphi like this: https://ps1.merchantware.net/Merchantware/ws/RetailTransaction/v45/Credit.asmx?WSDL)

This page can’t be displayed


Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to
https://ps1.merchantware.net  again. If this error persists, it is possible that this site uses an 
unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered 
secure. Please contact your site administrator. 

 

I can run the https://ps1.merchantware.net/Merchantware/ws/RetailTransaction/v45/Credit.asmx in Nartac ISS Crypto 3.3 in Site Scan and it works fine and does the whole scan.

 

Here is the code for the one that is not working:

function TEWBModule1.CayanProcessing(MCCNumber, MExpDate, Mcvv, MWAmount, MCusNum, MName, MTransNum, MWType: string; SaveIt: Boolean): Boolean;
var
ReturnStr: TransactionResponse45;
MerchantC: MerchantCredentials;
PData: PaymentData;
Sale: SaleRequest;
Void: VoidRequest;
Service: CreditSoap;
RIO: TRIO;
MwCardType, CCardNumber, Authoriz, CardT, CCToken, ApproveS: String;
MYApprovedAmount: Double;
DidConnect: Boolean;
begin
    DidConnect := True;
    CoInitialize(nil);

    MerchantC:= MerchantCredentials.Create;
    MerchantC.MerchantName := MasterTbl.FieldByName('Mlogin').AsString;
    MerchantC.MerchantSiteId := MasterTbl.FieldByName('MPassword').AsString;
    MerchantC.MerchantKey := MasterTbl.FieldByName('Merchantnum').AsString;
    
    Try
    if MWType='C' then
       begin
			PData:= PaymentData.Create;
    		Sale:= SaleRequest.Create;            
			PData.Source := 'KEYED';
            PData.CardNumber := MCCNumber;
            PData.ExpirationDate := MExpDate;
            PData.CardHolder := MName;
            PData.CardVerificationValue := Mcvv;


            Sale.Amount := MWAmount;
            Sale.InvoiceNumber := MTransNum;
            Sale.CustomerCode := MCusNum;
            Sale.RegisterNumber := 'Web';
            Sale.MerchantTransactionId := MTransNum;
            Sale.CardAcceptorTerminalId := '1';
            Sale.EnablePartialAuthorization := 'false';
            Sale.ForceDuplicate := 'false';
       end
    else
        begin
            Void := VoidRequest.Create;
            Void.Token := MCCNumber;
            Void.RegisterNumber := 'Web';
            Void.MerchantTransactionId := MTransNum;
            Void.CardAcceptorTerminalId := '1';
        end;


        Service := GetCreditSoap(Boolean(False), '');
        RIO := (Service as IRIOAccess).RIO;
        if RIO is THTTPRIO then
        begin
             THTTPRIO(RIO).HTTPWebNode.ConnectTimeout := 1000 * 30;
             THTTPRIO(RIO).HTTPWebNode.SendTimeout := 1000 * 15;
             THTTPRIO(RIO).HTTPWebNode.ReceiveTimeout := 1000 * 60;
        end;


        try
           if MWType='C' then
              ReturnStr := Service.Sale(MerchantC,PData,Sale)
           else
               ReturnStr := Service.Void(MerchantC,Void);
 		except
            On E:Exception do
                begin
                     Result := False;
                     DidConnect := False;
                end;
        end;
Finally
          if MWType='C' then
             begin
                  PData.Free;
                  Sale.Free;
             end
          else
             Void.Free;

          MerchantC.Free;
          CoUnInitialize;
   End;
end;

The ReturnStr is blank.

 

This is the second processor also imported as a WSDL and it is still working fine.

 

function TEWBModule1.ProcessCreditcard(card,Exp,cvv, Amount, account, transnum, PType: String; Saveit: Boolean): Boolean;
var
NewToken: usaepay.ueSecurityToken;
tran: usaepay.TransactionRequestObject;
response: usaepay.TransactionResponse;
Wclient: usaepay.ueSoapServerPortType;
CData: usaepay.CreditcardData;
CDetails: usaepay.TransactionDetail;
NewAmount: Double;
RIO: TRIO;
I: Integer;
VoidResponse, CApproved: Boolean;
Errormsg: String;
begin
     NewToken := nil;
     tran := nil;
     Response := nil;

     try

         CoInitialize(nil);


         NewToken := CreateToken(MasterTbl.FieldByName('Merchantnum').AsString, MasterTbl.FieldByName('Mlogin').AsString);


         tran := usaepay.TransactionRequestObject.Create;
         if PType='C' then
            begin
                 CData:= usaepay.CreditcardData.Create;
                 CDetails:= usaepay.TransactionDetail.Create;

                 CData.CardNumber := card;
                 CData.CardExpiration := Exp;
                 CData.CardCode := cvv;

                 NewAmount := StrToFloat(Amount);
                 CDetails.Amount := NewAmount;
                 CDetails.AllowPartialAuth := False;
                 CDetails.Description := 'Web Payment';

                 tran.Details := CDetails;
                 tran.CreditCardData := CData;
                 tran.CustomerID := account;
                 tran.Software := 'ComcaWeb';

                 tran.Command := 'sale';
            end;

         Wclient := GetueSoapServerPortType(False,'');

         RIO := (Wclient as IRIOAccess).RIO;
         if RIO is THTTPRIO then
            begin
                 THTTPRIO(RIO).HTTPWebNode.ConnectTimeout := 1000 * 30;
                 THTTPRIO(RIO).HTTPWebNode.SendTimeout := 1000 * 15;
                 THTTPRIO(RIO).HTTPWebNode.ReceiveTimeout := 1000 * 60;
            end;


    finally
            NewToken.Free;
            tran.Free;
            response.Free;
			CoUnInitialize;
     end;
    
end;

 

The only thing I can think off is that something changed in Windows Server 2016 R2 in February 2025.

Thanks for any help.

 

 

 

[Kas Ob. 138]

11 hours ago, KimHJ said:

Thanks for any help.

I tried these links and nothing is no one answer the connection timed out.

 

Using WireShark also showed the connection didn't establish and no answer or anything came back, acted like black hole.

Using SSLabs.com as you did shows result and successful server response, using two other similar services also shows online server.

 

The problem is not in your IIS at all, it is fine and responding, but when it get connections, there is firewall or monitoring service blocking IP(s), in case my ISP is blocked, find out what is monitoring/protecting your server traffic and reconfigure it, it could be missed/updated configuration on the host part, or simply you did select wrong or tight security template or something there.

 

In short that is not IIS problem at all, and most likely your host security software/hardware, test with disabled Windows Firewall to make sure, beyond that it is not IIS or Windows problem.