Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PayPal IPN Service Upgrades (SHA-256) September 9th

‎09-13-2015 01:07 AM
‎09-13-2015 01:07 AM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

@Eminent Style: Yes, if your SSL Certificate is confirmed to be SHA-256 (also known as SHA-2), you should be all set. Smiley Happy

James Lee | Moderator • Magento Master
Magento Hosting Recommended by Magento Master
‎09-13-2015 06:48 AM
‎09-13-2015 06:48 AM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

@JLHC many thanks
0 Kudos
‎09-13-2015 11:52 PM
‎09-13-2015 11:52 PM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

> if your SSL Certificate is confirmed to be SHA-256 (also known as SHA-2), you should be all set. Smiley Happy

 

Is SHA-256 = SHA-2 ? I read SHA-2 includes SHA-256 hash function ?

 

For my domain, shaaaaaaaaaaaaa.com just says "******** has a verifiable certificate chain signed with SHA-2. " 

Does that mean that the certificate is confirmed to be SHA-256?

0 Kudos
‎09-14-2015 03:20 AM
‎09-14-2015 03:20 AM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

So if we don't use any ssl certificate in our store, we can't use IPN service on 30th september?

 

We have magento 1.7.0.2, and don't include any option to enable/disable IPN.

 

We can continue using paypal and receive only e-mails notifications or can I have other issues?

 

thank you.

0 Kudos
‎09-14-2015 05:28 AM
‎09-14-2015 05:28 AM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

@maxime_tanuki: SHA-256 is also known as SHA-2. Smiley Wink

 

@Sergio Alfaro: You may need to contact PayPal to know if they will allow IPN without a SSL Certificate. This shouldn't affect anything that is not IPN related like the email notifications. 

James Lee | Moderator • Magento Master
Magento Hosting Recommended by Magento Master
‎09-14-2015 07:10 AM
‎09-14-2015 07:10 AM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

@JLHC wrote:

 

@Sergio Alfaro: You may need to contact PayPal to know if they will allow IPN without a SSL Certificate. This shouldn't affect anything that is not IPN related like the email notifications. 

This is main thing we need to know. Currently magento does NOT use a secure (https) URL for the IPN so it wont even be using the SHA-256 cert (even if you have one). If PayPal will not longer accpet http:// URLs for the IPN then magento will need to be modified.

0 Kudos
‎09-16-2015 11:48 PM
‎09-16-2015 11:48 PM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

 

  I ran into an issue on Sep 9th with my Magento store and paypal.  Using Paypal payment advanced. Orders that go through are not setting the orders to procesing.  When the PayFlowAdvancedcontroller.php is called it checks the order to see if its

 

Mage_Sales_Model_Order:Smiley FrustratedTATE_PROCESSING or Mage_Sales_Model_Order:Smiley FrustratedTATE_COMPLETE

 

Since the state wasn't updated the customer gets a "declined CC" message when their order actually went through.  I can't seem to find the cause other then it must be related to this IPN service upgrade.  Everything worked fine for the past couple years until last week. 

 

When I check my SSL cert using the previous URL listed I get "has a verifiable certificate chain signed with SHA-2."  my cert is from godaddy.   Right now I'm having to manually handle all these order states and I don't know where to look to find out why the trasaction process isn't updating the orders to processing.

 

Has anyone seen this issue and know of a solution or a place to look.

 

-Eric

0 Kudos
‎09-17-2015 01:59 AM
‎09-17-2015 01:59 AM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

I hope this post helps.

 

http://civicrm.stackexchange.com/questions/6369/do-sites-without-ssl-now-need-one-for-paypal-ipn

‎09-17-2015 02:44 AM
‎09-17-2015 02:44 AM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

Yes it does! Thanks for pointing it out. 

 

Here's how I understand this:-

 

1. If you do not have a SSL Certificate, IPN will work as usual.

 

2. If you have a SSL Certificate with SHA-1, IPN will stop working.

 

3. If you have a SSL Certificate with SHA-256 (aka SHA-2), IPN will work as usual.  

 

 

I can understand why PayPal is enforcing this though because having a SSL Certificate with SHA-1 may give users a false sense of security. This is not a "problem" with those without a SSL Certificate because users won't feel secure at all. 

James Lee | Moderator • Magento Master
Magento Hosting Recommended by Magento Master
0 Kudos
‎09-17-2015 11:13 AM
‎09-17-2015 11:13 AM

Re: PayPal IPN Service Upgrades (SHA-256) September 9th

 

 My problem is my SSL cert is SHA-256 and my magento paypal integration isn't talking anymore to paypal after the 9th.

 

PKCS #1 SHA-256 With RSA Encryption

 

There is a silent post/capture that is now not working when they place an order and the non secure IPN listener is working when I setup paypals IPN notification.

 

For example the communication through the links below no longer work which leaves the order at pending payment.

 

 

         [silentpost] => TRUE
            [silentposturl] => https://www.mydomainname.com/paypal/payflowadvanced/silentPost
            [returnurl] => https://www.mydomainname.com/paypal/payflowadvanced/returnUrl

- domain name edited out

However I have the IPN messaging enabled (at paypal) turned on which sends IPN to  http://www.mydomain.com/paypal/ipn  This message goes through and magento finishes up the order based on that messaging. 

 

The problem is with payflowadvanced that first transaction IPN needs to go through to keep the user from seeing a "Declined credit card" message.

 

Can anyone point me to a test script I can execute to try to determine why paypal isn't talking over SSL.  As always thank you for any input you can provide.

 

-Eric

 

0 Kudos