PayPal SSL Certificate Change

This document applies to those seeking information regarding an upcoming change in the PayPal SSL Certificate as outlined here:  https://devblog.paypal.com/paypal-ssl-certificate-changes/

The redCOMPONENT PayPal payment plugins do not require any updates to work with this new certificate. 

Important Information

If you are using the standard PayPal payments plugin, you do not need to make any changes.

If you are using the PayPal Pro Payment Plugin (where the payments are processed within your site without redirecting to PayPal) you may need to make changes at your hosting level. If you find that there are issues please check the outlined steps provided by PayPal, pasted below:

  • Save the VeriSign G5 Root Trust Anchor in your keystore.
  • Upgrade your environment to support the SHA-256 signing algorithm.
  • Perform end-to-end testing of the integration against the Sandbox / Payflow Pilot environment (including Instant Payment Notifications (IPN), Payment Data Transfer (PDT), and Silent Posts).

The first two steps relate to your hosting environment, and as such your hosting provider should be able to help you or point you in the right direction for support.

For performing tests, follow these steps as outlined by PayPal in the document:

Testing Your SSL Certificate Upgrade

Any tests that are currently run against PayPal Sandbox endpoints will require a VeriSign G5 root certificate, so you can test your upgrades by making requests against the Sandbox environment by using the following steps: