Posted by Aaron on March 02, 2015
Comments (0)
Late last week we began receiving reports that UPS real-time rates were not displaying on merchant websites, and those reports have only intensified over the weekend. This issue does not affect all BV Commerce websites, but all versions can be affected.
This is a technical issue requiring changes to your web server's configuration. If you do not have remote desktop access to your server or are not a trained IT professional we recommend that you contact your hosting company for assistance.
UPS has confirmed that they have been slowly disabling SSLv3 on their rating servers, though not all of them have been disabled at this point (i.e. even if you're not seeing a problem today it could still crop up later). Officially they've said that effective March 1st their servers will only accept requests using TLS 1.0 or higher; any requests submitted using older protocols (SSLv3 or older) will fail.
Disabling SSLv3 on your server should resolve the problem, but there could still potentially be issues if TLS isn't enabled or older protocols are enabled and prioritized higher than TLS. Noah Duarte at Resposio, one of our hosting partners, helped us track down this problem and recommends using Nartac Software's IIS Crypto tool using the "PCI template" setting. This should disable the appropriate protocols and cyphers as well as prioritize them from most secure to least secure. A server reboot will be required once these changes have been made.