Announcement

**gripper** · 09-11-15, 05:16 AM

Re: PayPal IPN email is confusing

Originally posted by lesliekirk View Post

Do store owners that are using PayPal modules that use the IPN method need to do anything?

My question is similar to Leslie's. If we are using the Miva Paypal Standard are we ok? DO we need to do anything?

Here is the text of the email I received yesterday:

As we have previously communicated to you, PayPal is upgrading the certificate for www.paypal.comto SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.

This upgrade is scheduled for 9/30/2015; however, we may need to change this date on short notice to you to align to the industry security standard.

You�re receiving this notification because you�ve been identified as a merchant who has used IPN endpoints within the past year. If you have not made the necessary changes, we urge you to do so right away to avoid a disruption of your service!Because these changes are technical in nature, we advise that you consult with your individuals responsible for your PayPal integration. They will be able to identify what, if any, changes are needed. Please share this email and the hyperlinks below with your technical contact for evaluation.

Testing in the Sandbox is one of the best ways to make sure your integration works. Sandbox endpoints have been upgraded to accept secure connections by the SHA-256 Certificates.

**fastees** · 09-11-15, 07:03 AM

Re: PayPal IPN email is confusing

Just would like to be informed when we get an answer here.

**Bruce - PhosphorMedia** · 09-11-15, 08:05 AM

Re: PayPal IPN email is confusing

I don't believe either modules is in 'active' development or sale (though emediasales.com might be able/willing to patch the Mikeworks module).

So, for that reason alone, and that the current Miva distributed module provides what is needed, I'd definitely recommend replacing them.

**rbuelna** · 09-11-15, 12:00 PM

Re: PayPal IPN email is confusing

Originally posted by lesliekirk View Post

Do store owners that are using PayPal modules that use the IPN method need to do anything?

I have a store owner that has two active PayPal modules: GOL PayPal (PayPal Pro by Gilligan On-Line) and Paypal Web Accept (mikeWorks).

Do these modules need to be updated or replaced? If they need to be replaced would it be with the built-in PayPal Standard module?

Leslie

Leslie,

Neither of those modules are ours so we can't say these PayPal changes won't have affect them. However, from what I gather from development the primary factor in these PayPal changes is the version of openSSL that the server is running. Leslie, if we host these particular clients you are mentioning they should be fine, no changes will need to be made on our side. If they are hosted somewhere else they just need to make sure that their Empresa needs to be 5.22 and their host�s version of OpenSSL needs to support SHA2 certificates.

Regards

Announcement

PayPal IPN email is confusing

PayPal IPN email is confusing

Comment

Comment

Comment

Comment