Is WooCommerce PayPal Compliant? SHA-256

  • Resolved skeeterz71

    (@skeeterz71)


    8 years, 1 month ago

    Hi,

    I received an email stating I need to make some changes to my site. I think this has to do with the WooCommerce PayPal configuration. So, Will WooCommerce get up to speed on this, or do I misunderstand what is being said. Thanks

    “1. Support SHA-256. PayPal is upgrading SSL certificates on all Live and Sandbox endpoints from SHA-1 to the stronger and more robust SHA-256 algorithm. You will need to update your integration to support certificates using SHA-256.

    2.Discontinue use of the VeriSign G2 Root Certificate. In accordance with industry standards, PayPal will no longer honor secure connections that require the VeriSign G2 Root Certificate for trust validation. Only secure connection requests that are expecting our certificate/trust chain to be signed by the G5 Root Certificate will result in successful secure connections.”

    https://wordpress.org/plugins/woocommerce/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor Claudio Sanches

    (@claudiosanches)

    8 years, 1 month ago

    “1. Support SHA-256. PayPal is upgrading SSL certificates on all Live and Sandbox endpoints from SHA-1 to the stronger and more robust SHA-256 algorithm. You will need to update your integration to support certificates using SHA-256.

    In this case your server need to be able to support SHA-256.
    Generally all servers supports it.

    2.Discontinue use of the VeriSign G2 Root Certificate. In accordance with industry standards, PayPal will no longer honor secure connections that require the VeriSign G2 Root Certificate for trust validation. Only secure connection requests that are expecting our certificate/trust chain to be signed by the G5 Root Certificate will result in successful secure connections.”

    This is related between your server and WordPress… But I’m sure that WordPress don’t use “VeriSign G2 Root Certificate” anymore.

    In other words WooCommerce is compliant with the changes PayPal.
    If you have something that may need to be updated is your WordPress and/or server (and to be honest, the server must be too outdated to have problems with it).

    Thread Starter skeeterz71

    (@skeeterz71)

    8 years, 1 month ago

    Thanks. I got in touch with my host and had them run the command that Paypal setup:

    GET https://tlstest.paypal.com

    And got the correct response: PayPal_Connection_OK

    So everything is good.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Is WooCommerce PayPal Compliant? SHA-256’ is closed to new replies.

Tags