PayPal SSL Certificate Changes

To continue PayPal policy of ensuring the highest level of security for merchants, developers, and consumers, PayPal is making upgrades to the SSL certificates on all web and API endpoints.
AbanteCart merchants and developers will need to ensure that all required upgrades are implemented to prevent an outage to your payment processing!

Why are These Changes Needed?

Due to security concerns over advances in computing power, the industry is phasing out 1024-bit SSL certificates (G2) in favor of 2048-bit certificates (G5), and is moving towards a higher strength data encryption algorithm to secure data transmission, SHA-2 (256) over the older SHA-1 algorithm standard.

How to Update to Prevent Service Outage

• Save the VeriSign G5 Root Trust Anchor in your keystore.
• Upgrade your environment to support the SHA-256 signing algorithm.
• Perform end-to-end testing of the integration!

Testing Your SSL Certificate Upgrade

Any tests that are currently run against PayPal Sandbox endpoints will require a VeriSign G5 root certificate, so you can test your upgrades by making requests against the Sandbox environment by using the following steps:

• Swap out the live API credentials / API endpoints on the merchant application with the Sandbox credentials / API endpoints.
• If you receive a handshake error (e.g. “No trusted certificate found”), check the merchant keystone to see if the PayPal VeriSign G5 root certification is present.

Read more  

Technical upgrade information www.paypal-knowledge.com

Enjoy AbanteCart and stay secure