We've been getting a lot of inquiries today regarding a notification merchants have received from PayPal regarding their pending upgrade to an SSL certificate using SHA-256 encryption keys later this month.
Rest assured, Development is well aware of PayPal's pending new SSL encryption requirements and performing the necessary server upgrades to ensure we will remain compliant. No action would be required on your part; we'll have it all taken care of at our end. :^)
paypal@paypal.comPayPal service upgrades.
As we have previously communicated to you, PayPal is upgrading the certificate for
www.paypal.com
to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.
This upgrade is scheduled for 9/30/2015; however, we may need to change this date on short notice to you to align to the industry security standard.
You’re receiving this notification because you’ve been identified as a merchant who has used IPN endpoints within the past year. If you have not made the necessary changes, we urge you to do so right away to avoid a disruption of your service!
Because these changes are technical in nature, we advise that you consult with your individuals responsible for your PayPal integration. They will be able to identify what, if any, changes are needed. Please share this email and the hyperlinks below with your technical contact for evaluation.
Testing in the Sandbox is one of the best ways to make sure your integration works. Sandbox endpoints have been upgraded to accept secure connections by the SHA-256 Certificates.
Full technical details can be found in our Merchant Security System Upgrade Guide. In addition, our 2015-2016 SSL Certificate Change microsite contains a schedule of our service upgrade plan.
Thanks for your patience as we continue to improve our services.