简体繁体 English

关于Paypal-2016年商家安全升级

[英]Regarding Paypal - 2016 merchant security upgrades

原文 2016-10-12 07:58:08 8 1 php/ magento/ ssl/ paypal/ verisign

We are having the website (www.kalakendra.com) on magento v1.9.2.1 which hosted on the GoDaddy cloud server. 我们在magento v1.9.2.1上拥有一个网站（www.kalakendra.com），该网站托管在GoDaddy云服务器上。 We are using the paypal express checkout with IPN service. 我们正在将Paypal Express Checkout与IPN服务一起使用。 We have received an email from paypal concerning to upgrade the paypal ssl certificate security measures. 我们收到了来自Paypal的电子邮件，内容涉及升级Paypal ssl证书安全措施。

I have gone through various forums and stackoverflow questions as well. 我也经历了各种论坛和stackoverflow问题。 But still i have some doubt on the impact of paypal security upgrades if we fails to do it. 但是，如果我们不这样做，我仍然对贝宝安全升级的影响有些怀疑。

Our Server Configurations are 我们的服务器配置是

Linux 3.16.0-30-generic Ubuntu V14.04 MySql v5.0.11 Apache/2.4.18 (Unix) OpenSSL/1.0.2g PHP/5.5.34 mod_perl/2.0.8-dev Perl/v5.16.3 Linux 3.16.0-30-通用Ubuntu V14.04 MySql v5.0.11 Apache / 2.4.18（Unix）OpenSSL / 1.0.2g PHP / 5.5.34 mod_perl / 2.0.8-dev Perl / v5.16.3

my doubts are, 我的疑问是，

Even though we don't have any SSL certificate but have the latest upgraded cloud server with openssl v1.0.2. 即使我们没有任何SSL证书，但拥有带有openssl v1.0.2的最新升级的云服务器。 So whether we should implement the SSL Certificate installation or no need of that? 那么我们是否应该实施SSL证书安装还是不需要？
Shall we can update the SHA-1 to SHA-2 and also VeriSign G2 Root Certificate to VeriSign G5 Root Certificate without having SSL certificate? 我们是否可以在没有SSL证书的情况下将SHA-1更新为SHA-2，并将VeriSign G2根证书更新为VeriSign G5根证书？

Sorry for my poor english. 对不起，我英语不好。

Thanks. 谢谢。

1 个解决方案

Now, PayPal needs TLS 1.2 instead of 1.0 so please check in your server configuration through PHP info file. 现在，PayPal需要TLS 1.2而不是1.0，因此请通过PHP信息文件检入服务器配置。 If you have TLS 1.0 version then ask your server support to upgrade it into TLS 1.2. 如果您具有TLS 1.0版本，请要求您的服务器支持将其升级到TLS 1.2。