Title: PayPal SSL Changes? Last modified: August 24, 2016 --- # PayPal SSL Changes? * [nickkay83](https://wordpress.org/support/users/nickkay83/) * (@nickkay83) * [11 years ago](https://wordpress.org/support/topic/paypal-ssl-changes/) * I have just received an email from PayPal, pasted below. Will this effect anything within S2Member? * We’re contacting our merchants with some important information in response to an industry-wide security upgrade, not unique to PayPal. This change involves upgrading Secure Sockets Layer (SSL) certificates over the course of 2015 and 2016. * Since these changes are technical in nature, we advise you to consult your partner, website provider, or the people responsible for your PayPal integration. They will be able to identify if any changes will be needed. If you don’t have a technology team, you should change this, and we can work with them to ensure that you continue to process payments through your current integration with PayPal. * Future-proof Your Integration Global security threats are constantly changing, and the security of our merchants continues to be our highest priority. To guard against current and future threats, we are encouraging our merchants to make the following upgrades to their integrations: 1. Discontinue using the VeriSign G2 Root Certificate 2. Update your integration to support certificates using the SHA-256 algorithm Why change? The public Certificate Authority (CA) industry continues to improve the security of SSL certificates. In preparation for requiring the use of the SHA-256 signing algorithm in 2016, the VeriSign G2 Root Certificate that was historically used for connecting to PayPal API and Instant Payment Notification( IPN) endpoints will no longer be supported. When do I need to act? In February 2015, PayPal will upgrade the SSL certificates for the API/IPN endpoints in the Sandbox environment so they are no longer signed by the legacy VeriSign G2 Root Certificate. Merchants will have approximately 4 months to test their integrations to verify they can work with the PayPal Live environment. For a detailed timeline, including upgrade dates for Live and Sandbox API endpoints, see the 2015-2016 SSL Certificate Change Microsite. NOTE: It is important to note that these changes are to address industry-wide security issues and are not unique to PayPal. When implemented, they will improve the privacy and reliability of your PayPal integrations. Since the details of these changes vary by system, we recommend they be made with the help of a qualified system administrator. The Issue: In the past, VeriSign issued SSL certificates that had a trust chain signed by a 1024-bit G2 Root Certificate. In recent years, the government and Public CA industry have moved to more secure 2048-bit certificates, so VeriSign now issues SSL certificates that have a trust chain signed by a 2048-bit G5 Root Certificate issued in 2006. Our Response: In accordance with industry standards, PayPal will no longer accept secure connections to the API/IPN endpoints that are expecting our certificate/trust chain to be signed by the G2 Root Certificate. Only secure connection requests that are expecting our certificate/trust chain to be signed by the G5 Root Certificate will result in successful secure connections * [https://wordpress.org/plugins/s2member/](https://wordpress.org/plugins/s2member/) Viewing 3 replies - 1 through 3 (of 3 total) * [KTS915](https://wordpress.org/support/users/kts915/) * (@kts915) * [11 years ago](https://wordpress.org/support/topic/paypal-ssl-changes/#post-6120666) * This shouldn’t have any implications for s2Member. 2048-bit certificates have been around for years and s2Member works fine with them. * The real issue here is, if you are running SSL on your own site, do you have the appropriate certificate? Chances are that you do, but you could check with your host or certificate provider to be sure. * Thread Starter [nickkay83](https://wordpress.org/support/users/nickkay83/) * (@nickkay83) * [11 years ago](https://wordpress.org/support/topic/paypal-ssl-changes/#post-6120674) * Thanks for your reply. I thought as much, but just thought I’d check. * [Tandem](https://wordpress.org/support/users/tandem/) * (@tandem) * [11 years ago](https://wordpress.org/support/topic/paypal-ssl-changes/#post-6120713) * Here are more details about the PayPal SSL updates at s2Member site: [http://s2member.com/kb-article/will-paypal-ssl-updates-in-2015-2016-impact-my-installation-of-s2member/](http://s2member.com/kb-article/will-paypal-ssl-updates-in-2015-2016-impact-my-installation-of-s2member/) Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘PayPal SSL Changes?’ is closed to new replies. * ![](https://ps.w.org/s2member/assets/icon-256x256.png?rev=980067) * [s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions](https://wordpress.org/plugins/s2member/) * [Frequently Asked Questions](https://wordpress.org/plugins/s2member/#faq) * [Support Threads](https://wordpress.org/support/plugin/s2member/) * [Active Topics](https://wordpress.org/support/plugin/s2member/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/s2member/unresolved/) * [Reviews](https://wordpress.org/support/plugin/s2member/reviews/) * 3 replies * 3 participants * Last reply from: [Tandem](https://wordpress.org/support/users/tandem/) * Last activity: [11 years ago](https://wordpress.org/support/topic/paypal-ssl-changes/#post-6120713) * Status: not resolved