Kraken Posted May 20, 2015 Report Share Posted May 20, 2015 PayPal sent me an email headlined "ACTION MAY BE REQUIRED: Important merchant integration upgrade information." It warns me "Because these changes are technical in nature, we advise that you consult with your partner, website vendor, or individuals responsible for your PayPal integration. They will be able to identify what, if any, changes are needed. If you do not have a technology team, we recommend you find one." Hmm, I guess that means my web host since I buy my SSL cert through MDD. I'm not technical enough to understand anything more than that the tech requirements for SSL certs are changing. Specifically: What security upgrades should I make to my integration in 2015-2016? Global security threats are constantly changing, and the security of our merchants continues to be our highest priority. To guard against current and future threats, we are encouraging our merchants to make the following upgrades to their integrations:Discontinue use of the VeriSign G2 Root Certificate. In accordance with industry standards, PayPal will no longer accept secure connections that are signed by the VeriSign G2 Root Certificate. Only secure connection requests that are expecting our certificate/trust chain to be signed by the G5 Root Certificate will result in successful secure connections. Update your integration to support certificates using the SHA-256 algorithm. PayPal is upgrading SSL certificates on all Live and Sandbox endpoints from SHA-1 to the stronger and more robust SHA-256 algorithm.For detailed information on these changes, please reference the Merchant Security System Upgrade Guide. For a basic introduction to internet security, we also recommend these short videos on SSL Certificates and Public Key Cryptography. My browser's certificate viewer gives me just enough info to be concerned -- I see "PKCS #1 SHA-1 With RSA Encryption" So for starters my questions are: (1) Is this a server-level thing or does it affect my private SSL cert? and (2) do I need to replace my cert before it expires in November? Quote Link to comment Share on other sites More sharing options...
Kraken Posted May 27, 2015 Author Report Share Posted May 27, 2015 Due to absence of replies I'm going to cross-post this in the Shared Hosting Support forum. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.