Skip to Content Skip to Menu

[SOLVED] CBSubs - will it be affected by upcoming Paypal changes???

  • mikerotec
  • mikerotec
  • OFFLINE
  • Posts: 346
  • Thanks: 28
  • Karma: 2
9 years 2 months ago - 9 years 2 months ago #270286 by mikerotec
I just got this email, wondering if it impacts us. Is a patch going to be needed?

We are still running CBsubs 3.0.0 on CB 1.9.1 ( have had no time to test CBSubs 4.0.1 upgrade yet...)

=============================================

IMMEDIATE ATTENTION REQUIRED: PayPal service upgrades.

PayPal service upgrades.


As we have previously communicated to you, PayPal is upgrading the certificate for www.paypal.com to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.

This upgrade is scheduled for 9/30/2015; however, we may need to change this date on short notice to you to align to the industry security standard.

You’re receiving this notification because you’ve been identified as a merchant who has used IPN endpoints within the past year. If you have not made the necessary changes, we urge you to do so right away to avoid a disruption of your service!

Because these changes are technical in nature, we advise that you consult with your individuals responsible for your PayPal integration. They will be able to identify what, if any, changes are needed. Please share this email and the hyperlinks below with your technical contact for evaluation.
Testing in the Sandbox is one of the best ways to make sure your integration works. Sandbox endpoints have been upgraded to accept secure connections by the SHA-256 Certificates.
Full technical details can be found in our Merchant Security System Upgrade Guide . In addition, our 2015-2016 SSL Certificate Change microsite contains a schedule of our service upgrade plan.
Thanks for your patience as we continue to improve our services.
Last edit: 9 years 2 months ago by mikerotec.

Please Log in or Create an account to join the conversation.

  • mikerotec
  • mikerotec
  • OFFLINE
  • Posts: 346
  • Thanks: 28
  • Karma: 2
9 years 2 months ago - 9 years 2 months ago #270501 by mikerotec
No comment? (*bump*)
Last edit: 9 years 2 months ago by mikerotec.

Please Log in or Create an account to join the conversation.

  • beat
  • beat
  • ONLINE
  • Posts: 2169
  • Thanks: 463
  • Karma: 352
9 years 2 months ago #270512 by beat
Sorry for delayed answer.

CBSubs itself is not affected by that change.

Just check with your hoster that his base system (often Linux) and SSL layer (often OpenSSL that comes with his Linux distribution) are maintained up to date.

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
The following user(s) said Thank You: mikerotec

Please Log in or Create an account to join the conversation.

  • mikerotec
  • mikerotec
  • OFFLINE
  • Posts: 346
  • Thanks: 28
  • Karma: 2
9 years 2 months ago - 9 years 2 months ago #270519 by mikerotec
We did the check of our CentOS as follows:
Code:
echo "All certificates in ca-bundle.crt, listed by subject:" awk -v cmd='openssl x509 -noout -subject' '/BEGIN/{close(cmd)};{print | cmd}' < /etc/pki/tls/certs/ca-bundle.crt

the output included the required "G5" cert
Code:
CN=VeriSign Class 3 Public Primary Certification Authority - G5

So we are good to go :-)
Last edit: 9 years 2 months ago by mikerotec.
The following user(s) said Thank You: beat

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum