Community Forums 

Main Content

PayPal service upgrades IPN

    Sep 10 2015 22:37:42



    Join date : 2015-09-10      Posts : 1

    I recieved the following email from PayPal. Please let me know what I need to do for this matter. Thank you.

    As we have previously communicated to you, PayPal is upgrading the certificate for to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.

    This upgrade is scheduled for 9/30/2015; however, we may need to change this date on short notice to you to align to the industry security standard.

    You’re receiving this notification because you’ve been identified as a merchant who has used IPN endpoints within the past year. If you have not made the necessary changes, we urge you to do so right away to avoid a disruption of your service!

    Because these changes are technical in nature, we advise that you consult with your individuals responsible for your PayPal integration. They will be able to identify what, if any, changes are needed. Please share this email and the hyperlinks below with your technical contact for evaluation.

    Testing in the Sandbox is one of the best ways to make sure your integration works. Sandbox endpoints have been upgraded to accept secure connections by the SHA-256 Certificates.

    Full technical details can be found in our Merchant Security System Upgrade Guide. In addition, our 2015-2016 SSL Certificate Change microsite contains a schedule of our service upgrade plan.

    Thanks for your patience as we continue to improve our services.

    Sep 11 2015 02:37:47



    Join date : 2009-10-14      Posts : 12

    I also came to this forum to see if this question had been answered.

    Is there anything we need to do to be ready for this change?

    Roland Barker
    xnau webdesign

    Sep 11 2015 03:05:53



    Join date : 2008-09-30      Posts : 36

    I imagine Mal will respond, but I don't think that we'll be affected, its my understanding that these messages are stating that Paypal is upgrading *their* Service SSL Certificate, this would have no impact on our sites SSL Certificates (or his here).

    The only thing this would impact would be very old versions of OpenSSL, really outdated versions running On CentOs 4 or older which would already be considered end of life by cPanel and the distributors, so I'm sure Mal's are up to date.

    Sherri Owen
    Making Mal's Even Simpler

    Sep 11 2015 16:37:47



    Join date : 2009-08-03      Posts : 1

    Mal's carts are already carrying the correct SSL version required by PayPal, which is SHA-256. Mal emailed me and said it will not affect the cart.

    You can check the certificate by following a fake order from your cart to the screen where personal information is entered. the http: in your browser bar will change to shttp: to indicate a secure layer. There will also be a lock next to it. Click the lock to open the certificate and you will see that SHA-256 is in place. No worries.


    Sep 11 2015 16:57:31



    Join date : 2012-05-03      Posts : 33

    FYI, on Mal's Paypal Payment Processing setup page, if you have an image URL saved in the "Your logo at PayPal" section it will cause Paypal's checkout page to not be secure.

    ETA: My image was an http image, so perhaps an https image might make the page secure.

    Handmade Goods For People & Places