I've been getting emails from PayPal for the last few months saying that they're updating things at their end to support SHA-256 certificates and that I might have to make changes on my websites in order for my PayPal integration to continue to work.
I use PayPal's IPN service, which I originally set up on my website (all custom PHP code that I wrote, no pre-built shopping carts) and that has been running quite happily since 2008.
My hosting is shared hosting on iServe as it's not a very large or busy website. The hosting platform is running PHP 5.2.17, Apache 2.2.3 (CentOS), and OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 (I got all of this info from PHP's phpinfo() function).
Am I correct in thinking that any changes that need to be made will have to be made by my web host (i.e. iServe) since I can't update any software on the server?
When I originally set everything up back in 2008 I remember downloading a certificate from PayPal and using OpenSSL on my Windows PC to create something (another certificate? I don't know) which I then uploaded to my website and use for encrypting my payment requests to PayPal. Does the SHA-256 changes that PayPal are bring in affect this? Do I need to remake the certificate or something?
I did try using the IPN Simulator (after changing the end points that my IPN handler uses) but I can't get this to work as the IPN Simulator gives me a 502 Bad Gateway error and I've got no idea what that means or what the problem might be.
Administrator
Trusted
Geekzone
