Instant Payment Notification (IPN) & SHA-256 — Possible future issue?

  • Resolved Code Muffin

    (@code-muffin)


    9 years, 2 months ago

    I received an email from PayPal saying that: “PayPal is upgrading the certificate for https://www.paypal.com to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.”

    Will this change disrupt the functionality of your plugin in any way? Is there anything I need to do? The email recommended testing sandbox mode (I did this and payment was successful), but I’d like to be sure that all is well ??

    Original email message in full:

    As we have previously communicated to you, PayPal is upgrading the certificate for https://www.paypal.com to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.

    This upgrade is scheduled for 30/9/2015; however, we may need to change this date on short notice to you to align to the industry security standard.

    You’re receiving this notification because you’ve been identified as a merchant who has used IPN endpoints within the past year. If you have not made the necessary changes, we urge you to do so right away to avoid a disruption of your service!

    Because these changes are technical in nature, we advise that you consult with your individuals responsible for your PayPal integration. They will be able to identify what, if any, changes are needed. Please share this email and the hyperlinks below with your technical contact for evaluation.

    Testing in the Sandbox is one of the best ways to make sure your integrations work. Sandbox endpoints have been upgraded to accept secure connections by the SHA-256 Certificates.

    Full technical details can be found in our Merchant Security System Upgrade Guide. In addition, our 2015-2016 SSL Certificate Change microsite contains a schedule of our service upgrade plan.

    https://www.ads-software.com/plugins/contact-form-7-paypal-add-on/

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author Scott Paterson

    (@scottpaterson)

    Hi Code Muffin,

    Only the Pro version of this plugin uses PayPal IPN. You do not need to do anything and the plugin should continue to work just fine. I have tested everything using PayPal Sandbox and there was no problems.

    Thanks,
    Scott

    Just FYI – It has nothing to do with WordPress or the plugin code – This is about your hosting server.

    For more info, check out this post here:

    https://www.ads-software.com/support/topic/re-paypal-service-upgrades?replies=1

    Are you sire bc when I contacted my hosting site they said my web developer needs to hamdle this. Im so confused!

    Thread Starter Code Muffin

    (@code-muffin)

    Thanks Scott, love the plugin btw!

    jovanjane, if you’re not using the Pro version you don’t need to worry. If you are, please refer your host to the post Laura that linked to above.

    Thank you! I logged into my site and it says im using paypal standard. So do you think I’m ok?! I clearly know NOTHING about site development :/ I’m a journalist/part-time headwear designer!

    Hi Jovanjane,

    Sorry for the delay in my reply. If you are using Paypal Standard and haven’t put any IPN info into your install, you should be good to go.

    If you are unsure, however, and need help with the testing plugin in the link I provided above, let me know, I can walk you through the steps you need to take to make sure you’re okay.

    I have the email notification box checked on this thread, so this time I’ll see when you reply.

    Thanks!
    Laura

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Instant Payment Notification (IPN) & SHA-256 — Possible future issue?’ is closed to new replies.