stackoom
  简体   繁体   中英

PayPal's certificate upgrade & Encrypted Website Payments

 原文  2015-04-28 02:03:24       php/ ssl/ encryption/ paypal/ certificate

Question

I've been receiving notifications from PayPal that I need to update my integration to use SHA256 certificates.

I use PayPal's Encrypted Website Payments, with the EWP Services Kit (which they no longer seem to offer for download). I encrypt the payment buttons myself, in PHP, rather than using PayPal's button creation facility. PayPal's documentation for this still specifies 1024-bit keys:

https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/encryptedwebpayments/#id08A3I0P0B30

Note the openssl commands in the above link:

openssl genrsa -out ps-prvkey.pem 1024 openssl req -new -key ps-prvkey.pem -x509 -days 365 -out ps-pubcert.pem

On the microsite describing the certificate change, it says this:

https://ppmts.custhelp.com/app/answers/detail/a_id/1236

Q. How do I know if my integration is affected?

We are making changes to the Sandbox environments prior to any Live changes, so you can verify your integration against the Sandbox. If you see these or similar error messages in the Sandbox environment, you will need to update your integration before we make changes to our Live environment (per the timeline above).

  • “Unable to find valid certification path to requested target”
  • “SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled”
  • “alert handshake failure”
  • “Problem with the SSL CA cert (path? access rights?)”

I tested my integration against the sandbox, and it went through fine - no error messages. So I'm wondering if that truly means EWP sites don't have to update their certificates or (more likely), PayPal has neglected to document this.

QUESTION: Do I have to update my certificates? If so, I need the following information:

(1) What is the updated version of the openssl commands? Do I just replace 1024 with 2048?

(2) Do I need an updated version of the PayPal certificates (live and sandbox)? If so, where do I get them?

(3) When will the change be made for EWP integrations (the date)?

I've been all over the PayPal site, and I can't find this information anywhere.

1 answers

solution1
 0  2015-06-04 13:31:48

It sounds like you are using PayPal Website Payments Standard, regardless of whether you encrypt the buttons or not. PayPal Website Payments Standard is unaffected by the SSL Upgrade by PayPal so no action is necessary on your part. More info here: https://devblog.paypal.com/paypal-ssl-certificate-changes/

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Paypal Encrypted Website payments PayPal Encrypted Payments Not Working PHP APACHE XAMPP paypal chained payments on my website Paypal Website Payments Pro Iframe - pay with paypal button is redirecting to paypal Paypal Website Payments Pro - Get AVS/CVV Paypal Website Payments Pro - Current Exchange Rates? Paypal Website Payments Standard with dynamic Amount How to correctly integrate PayPal's API with paypal payments pro? Working example of paypal Website Payments Pro Hosted Solution Iframe? paypal adaptive payments-sdk showing error 540031 in website
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM