requires OpenSSL >= 1.0.1 to be installed on your server (1and1 shared hosting)

Seeing the same here, Vidahost, I’ve got an SSL cert so any pointers appreciated

I have the same problem on my site hosted with GoDaddy. Any comments, anyone?

I have the same problem on my site hosted with GoDaddy. Any comments, anyone?

Spoke to my hosts and we switched the PHP from a rather old 5.3 to 5.6 or 5.7 and that seems to have sorted it

Unfortunately (for me) the site’s already on PHP 5.5. I’ve changed to 5.6 to see if that makes a difference, but so far I’m still seeing the warning.

I’m not sure if the it takes a bit of time for the change to be applied, so will test it again later to double check. I might try PHP 7 to see if that makes a difference, but I’m not holding my breath.

The hosting provider (1and1) were useless when I emailed them and gave me no helpful information at all. Surprise surprise. The ‘support’ guy I spoke to on the phone tried to sell me an SSL certificate, but I don’t think he knew what I was talking about.

Any other suggestions welcomed… anyone??

I have the same issue on a 1&1 shared hosting package (using PHP 5.6).

I received the rather ambiguous reply below from 1&1, but I can’t tell if it means they will or won’t be implementing OpenSSL >= 1.0.1

As it stands I’m only able to use PayPal Payments Standard.

Regards

Ash

This is an email update with regard to your escalated case. Please be informed that the Open SSL version will not be implemented until further notice. This is still being worked on by our developers and will soon be implemented on our system. We will be sending email update to our customers regarding this matter.

After doing some digging, it appears that the problem is to do with changes PayPal has made. Details here.

There’s more discussion of the problem HERE – HERE – and HERE

To be honest, I don’t know enough about it to work out what they are talking about. But it does mean that a lot of sites are affected, which hopefully means the problem will get sorted soon.

There’s also a plugin HERE that’s supposed to help. I haven’t tried it yet, as my site’s still in development, so I’m not in a rush (yet!). And I can’t work out what needs to be changed with that plugin either…

Again, any pointers will be much appreciated.
Or a timeline from the dev team for any updates would be nice…

Spoke to my hosts and we switched the PHP from a rather old 5.3 to 5.6 or 5.7 and that seems to have sorted it

Thanks for your responses, everyone. I just tried to upgrade my PHP version, but turns out that the highest available on GoDaddy is 5.4, which I am already running :-/ Sadly I’m not qualified enough to look into this matter in detail :-/ :-/

I’ve had this issue with 1&1 too in the last month, and had so many support calls with them that it was just ridiculous. In the end the most they would commit to was that the upgrades to OpenSSL would be finished “this year”.
I’ve now switched hosts to EZPZ and I have openSSL 1.0.1e but I STILL have the error message. What’s going on?!

What EXACT minimum version is required?

Well not a great deal of support going on here… Good luck everyone ??

Hi there!

I promise devs are actively working on this issue. There was an update to the plugin six hours ago– does everyone have the absolute latest version? https://www.ads-software.com/plugins/woocommerce-gateway-paypal-express-checkout/

Any version of OpenSSL 1.0.1 should work. Older versions of PHP may work if your host is willing to update the cURL library to the latest version.

While PayPal has pushed the TLS 1.2 requirement back to 2017, it’s worth noting that PHP 5.4 will not be able to connect using 1.2.

Take a look at the section in the PayPal doc that provides a testing URL.

PayPal has created a new endpoint – https://tlstest.paypal.com – to help you verify that your systems can support the latest security standards. This endpoint supports all of the security standards to which the PayPal endpoints are moving.

On success: A successful connection to https://tlstest.paypal.com will return an HTTP 200 response with the following text in the body: “PayPal_Connection_OK”

https://www.paypal-knowledge.com/infocenter/index?page=content&id=FAQ1914&expand=true&locale=en_US

You may have the proper version of OpenSSL installed, but cURL may not be using it. This goes over how to check:

https://stackoverflow.com/questions/27904854/verify-if-curl-is-using-tls

Yea, just updated and am still getting the error (I’m on PHP 5.6). I’m guessing my problem is with the host (1and1).

1&1 support has been completely useless when I’ve contacted them too, so I’m not holding out much hope… will have to research some other hosting options.

So, after applying the recent updates I was pleasantly surprised to find that the plugin is now working. I’m guessing it was due to a combination of these updates and 1&1 changing something on the hosting.

I’ve just done a couple of tests using PayPal’s sandbox and everything appears to be working smoothly.

Have the same problem and cannot understand the reason.

openSSL version OpenSSL 1.0.2j-fips 26 Sep 2016
php5 version PHP 5.6.1 (cli)
cURL in PHP calls uses OpenSSL/1.0.2j and TLS 1.2

The PayPal test delivers:
curl -i https://tlstest.paypal.com
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 20
Date: Thu, 26 Jan 2017 10:40:51 GMT
Connection: keep-alive

PayPal_Connection_OK

So what is going wrong? From my point of view, everthing should work fine!

BR
Michael

The message leads me to a wrong track. I have found out that apache2-mod_nss is missing. Thats it…

BR Michael