pancakes

MicrostockGroup Sponsors


Author Topic: Paypal  (Read 2008 times)

0 Members and 1 Guest are viewing this topic.

« on: September 13, 2015, 14:47 »
0
Got the following email from Paypal regarding my Symbiostock site:

"PayPal service upgrades.

As we have previously communicated to you, PayPal is upgrading the certificate for www.paypal.com to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.
 
This upgrade is scheduled for 9/30/2015; however, we may need to change this date on short notice to you to align to the industry security standard.

Youre receiving this notification because youve been identified as a merchant who has used IPN endpoints within the past year. If you have not made the necessary changes, we urge you to do so right away to avoid a disruption of your service!

Because these changes are technical in nature, we advise that you consult with your individuals responsible for your PayPal integration. They will be able to identify what, if any, changes are needed. Please share this email and the hyperlinks below with your technical contact for evaluation.

Testing in the Sandbox is one of the best ways to make sure your integration works. Sandbox endpoints have been upgraded to accept secure connections by the SHA-256 Certificates.

Full technical details can be found in our Merchant Security System Upgrade Guide. In addition, our 2015-2016 SSL Certificate Change microsite contains a schedule of our service upgrade plan.

Thanks for your patience as we continue to improve our services."

Anyone else get this?



« Reply #2 on: September 13, 2015, 16:24 »
0
It's all a bit cryptic in the way they explain it, but it's relatively simple:

When you receive an IPN, the software (in the case of Symbiostock, WooCommerce) confirms the IPN with PayPal via a secured URL. All PayPal is saying is that the security of this request is now being changed from 128 to 256.

You don't have to change your IPN url, or put that in SSL. All that is required is that the server that is going to contact PayPal to confirm the IPN knows how to communicate via the 256 standard. Most servers will be okay with this.

An easy way to test is to download and install this plugin:

https://gist.github.com/mikejolley/0941e0882efcad64ea40

It will tell you whether your server can negotiate it or not. I've tested it on a number of servers and they have all been successful.

Tried it with success.  Thanks Robin!


 

Related Topics

  Subject / Started by Replies Last post
22 Replies
12448 Views
Last post January 27, 2007, 15:48
by PenelopeB
2 Replies
5805 Views
Last post November 20, 2011, 21:57
by gemmy12
14 Replies
2397 Views
Last post August 17, 2013, 18:45
by pixel86
5 Replies
3421 Views
Last post February 11, 2014, 10:51
by chromaco
7 Replies
1707 Views
Last post January 30, 2019, 20:30
by qunamax

Sponsors

Microstock Poll Results