Another message from PayPal in regards to TLS 1.2

My clients are receiving messages from PayPal about another upgrade they are making. I have searched and studied this but I can not figure out if I need to change anything in my eCart setups that use PayPal Advanced.

Here is part of their message...

"Our records indicate your current PayPal integration is utilizing a version that is less than TLS 1.2. With the deadline for this security upgrade currently set at June 30, 2018, you will need to act immediately to upgrade your PayPal integration(s) to utilize TLS 1.2 cryptographic protocol PRIOR to this date.

Failure to upgrade your integration by June 30, 2018 will lead to an inability to connect to PayPal for processing customer transactions. For further information on the TLS 1.2 upgrade, please bookmark the TLS 1.2 Upgrade Microsite page and visit frequently to ensure you are armed with the most current information..."

The link they provided is https://www.paypal-notice.com/en/TLS-1.2-and-HTTP1.1-Upgrade/

Is there something I need to change in my WA eCart files?

These sites are using the PayPal Advanced setup where the user doesn't leave the site when making a payment with a credit card. The sites do have an SSL installed and when viewing the certificate's details through the browser, it says they are using TLS 1.2. So I thought maybe it might be something in the WA code that I need to update. Some of these sites where setup a couple years ago.

Thanks for any help you can provide me.

TroyD

Do a site-wide search of your code for this:

CURLOPT_SSLVERSION

if you find that on any line of code, delete that line. By default it will use the latest version of TLS, but a line with that may specify an earlier version can could be causing the issue. By simply deleting the line(s) it should automatically use the latest and greatest available.

Thanks Ray,

No, I don't find CURLOPT_SSLVERSION in any of the WA files on the sites using PP Advanced. The closest is in the CallHTTP() function in the PP_PayAdv_PHP.php file, so I'm assuming it's not that.

I will see if I can get more information from them and report back.

Thanks,
TroyD

Add this code to a page:

<?php
$ch = curl_init('https://www.howsmyssl.com/a/check');
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$data = curl_exec($ch);
curl_close($ch);
die($data);
$json = json_decode($data);
echo $json->tls_version;
?>

it should tell you if your website is configured for TLS 1.2 properly.

Thanks again Ray,

I ran the code on a page in the site and posted the response in the PM area.
The end of the response is a little concerning but then again, I don't really know what it all means.

Thoughts?

Thanks
TroyD

Test paypal again. I think that should work now.

Thanks again Ray. I will do that and see what they say. I appreciate the help here.

TroyD