[SOLVED] CIC Crédit Mutuel - incorrect Secret Key signature

Hello,
Thanks for your reply, your reinstallation and your tests.
The file notif.php is well on the the correct place.
I simplified my .htaccess and disabled CrawklProtect on my preprod site but without any success and exactly the same error!
I contacted GrizzlyDev - a French company that I know well in order to help me on this strange issue - which could contact you.
Best Regards,
Alain

There's nothing more I can advise if the notif.php is not reachable then you've something blocking its access. I've attempted to use debug version of notif.php, but always the same 500 error. This means something server side is stopping the file from every being accessed. This could be an htaccess file that's blocking direct access somewhere in your Joomla file structure.

Hello,

My CIC Crédit Mutuel plugin is now in production and main subscriptions are correct since last Friday.

As we spent some time together about this issue, I would like to report to you and everybody what GrizzlyDev and me did to solve it:
1) (As you explaned to me that my installation has something wrong about access) Just after installation of the plugin in my preprod website, I changed access of ciccreditmutel folder and files inside to protect them against write using Filezilla. But, for an unknown reason, the ACL were modified and avoid correct execution (notif.php). After correcting ACL with correct permission, there are no more "Response : return code : payetest CGI2 : NOT OK". SO I decided to install plugins in my production website without change access permission by default and this installation ran correctly immediatly.
2) (As you advised me) the return URL need to be in http (not in https) due to the fact my website is hosted by OVH on a shared server that cannot support https access (concerning the OVH's offer I used currently). With the return URL in http (in my case without https support), I didn't have any incorrect secret key signature myself (due to the fact I previously accepted security exception from my website) but customers continue to obtain this issue. So, it's not enough.
3) I desactivated an automatic redirection from https to http inside my .htaccess, that reduces drastically the number of incorrect Secret Key signature.

For the moment, I have only one case of incorrect signature.
Please see explanation below from CIC Crédit Mutuel hotline (that I translated):
The error message of invalid signature is due to an error in computation of Mac seal.
It seems that your system (CBSubs) that retrieves username and put it inside free text had created invalid characters.
Extract of free text with error= e# "ldulude" #votre identifiant)
Complet free text= Abonnement annuel de l'abonné(e) "ldulude" (votre identifiant) pour le site X

What do you think about this issue?

Thanks in advance for your reply.
Best Regards,
Alain

Is CIC Crédit Mutuel saying "texte-libre" parameter has invalid characters? That's entirely controlled by CBSubs > Plans > Your Plan > Pricing > "Payment processor item text (short)". You may need to adjust it to something more simple if characters are being sent that CIC Crédit Mutuel does not like.

Hello,

Exactly, CIC Crédit Mutuel said "texte-libre" [free text] parameter has invalid characters.

As it's the same free text for every subscription, I conclude either the invalid character is inside username, or the invalid character is created by the script to concatenate all strings composing this free text (as suggested CIC Crédit Mutuel).

My current settings:
. CBSubs > Plans > Your Plan > Pricing > (§Payment invoice item text):
.. Payment processor item text (short)= [PREFIX_TEXT] [ITEM_ALIAS][VALIDITY_IF_NOT_AUTORECURRING]
.. Payment item text= [PREFIX_TEXT] [PLANS_TITLE]: [ITEM_NAME] [VALIDITY_IF_NOT_AUTORECURRING] pour "[USERNAME]" (votre identifiant)
. CBSubs > Display > Baskets > (§Payment basket and gateway item text):
.. Payment basket item text= [ITEMS_ALIASES] de "[USERNAME]" (votre identifiant) pour le site [SITENAME]

As I cannot see how I could simplify more my current setting "Payment processor item text (short)" as you advised me, and due to text explanation inside back office, I decided to simplify the setting "Payment basket item text" that seems also to be used by processor as real text free. Tell me if I was wrong?

So, anyway, I simplified this free text ("Payment basket item text" now without any accent) but the customer obtained the samed bad result.
Now the free text for this customer is : Abonnement annuel de ldulude pour le site X
(where ldulude is the username and is not composed of invalid character).

What do you think about this issue?

Do you think I need to simplify also setting "Payment item text" and "Payment processor item text (short)"?
Where I can find all cases of text replacing [PREFIX_TEXT]?

Thanks in advance for your reply.
Best Regards,
Alain

The text looks fine to me. Is CIC Crédit Mutuel support able to better clarify what specifically about it is causing problems? I'm guessing they don't like the usage of single quotes so maybe try removing any quotes from plan names, etc..