Background

Recently, while working on the Alipay payment feature, I found that I was not receiving the callback notification after a successful Alipay payment. After checking the code, the application configuration and the server configuration, I finally found that the cause was that our callback address, notify_url, is HTTPS, but its certificate was not issued by an authoritative certificate authority. It was not trusted by Alipay, so Alipay did not initiate the callback.

Tracking down the problem

After confirming that notify_url is correctly configured, you can use Postman in the development environment to request the callback address you have set. The request reaches the Controller interface layer normally.

Next, in case the test environment's server load configuration was not correct, I traced nginx's access.log and found that the requests I simulated did reach the server and were correctly forwarded to the application process behind it.

So was the Alipay sandbox environment down, or was there a bug on Alipay's servers? Reason told me there had to be another catch, and one of Alipay's pages does mention this problem.

Ensure that the page is HTTP or HTTPS. If the page is HTTPS, you need to install an SSL certificate. The certificate must be issued by a valid certificate authority; self-signed certificates are not supported.

So I hurried to check our own certificate against Alipay's requirements. The following two addresses make it very convenient to check the validity of an SSL certificate.

Detection Address:

www.chinassl.net/ssltools/ss…

Cheapsslsecurity.com/ssltools/ss…

Result for notify_url: No Intermediate/Chain certificate were found. Oh my, our certificate was not actually issued by an authoritative certificate authority. How terrible.

RapidSSL RSA CA 2018 is not an authoritative authority, so it is not trusted by Alipay. Therefore, Alipay does not send the interface callback to the notify_url address.

After analyzing the cause, we immediately switched to an HTTP callback address so that we could receive the notification normally. Later, we switched to an HTTPS certificate issued by GoDaddy.com, Inc, which completely solved the problem.