close ad
Help us test the new Databridge BETA with MySQLi support
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Another message from PayPal in regards to TLS 1.2

Thread began 3/16/2018 1:35 pm by TroyD | Last modified 3/23/2018 12:23 pm by Ray Borduin | 34 views | 6 replies |

TroyD

Another message from PayPal in regards to TLS 1.2

My clients are receiving messages from PayPal about another upgrade they are making. I have searched and studied this but I can not figure out if I need to change anything in my eCart setups that use PayPal Advanced.

Here is part of their message...

"Our records indicate your current PayPal integration is utilizing a version that is less than TLS 1.2. With the deadline for this security upgrade currently set at June 30, 2018, you will need to act immediately to upgrade your PayPal integration(s) to utilize TLS 1.2 cryptographic protocol PRIOR to this date.

Failure to upgrade your integration by June 30, 2018 will lead to an inability to connect to PayPal for processing customer transactions. For further information on the TLS 1.2 upgrade, please bookmark the TLS 1.2 Upgrade Microsite page and visit frequently to ensure you are armed with the most current information..."


The link they provided is https://www.paypal-notice.com/en/TLS-1.2-and-HTTP1.1-Upgrade/

Is there something I need to change in my WA eCart files?

These sites are using the PayPal Advanced setup where the user doesn't leave the site when making a payment with a credit card. The sites do have an SSL installed and when viewing the certificate's details through the browser, it says they are using TLS 1.2. So I thought maybe it might be something in the WA code that I need to update. Some of these sites where setup a couple years ago.

Thanks for any help you can provide me.

TroyD

Sign in to reply to this post

Ray BorduinWebAssist

Do a site-wide search of your code for this:

CURLOPT_SSLVERSION

if you find that on any line of code, delete that line. By default it will use the latest version of TLS, but a line with that may specify an earlier version can could be causing the issue. By simply deleting the line(s) it should automatically use the latest and greatest available.

Sign in to reply to this post

TroyD

Thanks Ray,

No, I don't find CURLOPT_SSLVERSION in any of the WA files on the sites using PP Advanced. The closest is in the CallHTTP() function in the PP_PayAdv_PHP.php file, so I'm assuming it's not that.

I will see if I can get more information from them and report back.

Thanks,
TroyD

Sign in to reply to this post

Ray BorduinWebAssist

Add this code to a page:

<?php
$ch = curl_init('https://www.howsmyssl.com/a/check');
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$data = curl_exec($ch);
curl_close($ch);
die($data);
$json = json_decode($data);
echo $json->tls_version;
?>

it should tell you if your website is configured for TLS 1.2 properly.

Sign in to reply to this post

TroyD

Thanks again Ray,

I ran the code on a page in the site and posted the response in the PM area.
The end of the response is a little concerning but then again, I don't really know what it all means.

Thoughts?

Thanks
TroyD

Sign in to reply to this post

Ray BorduinWebAssist

Test paypal again. I think that should work now.

Sign in to reply to this post

TroyD

Thanks again Ray. I will do that and see what they say. I appreciate the help here.

TroyD

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...