Paypal SHA-256 Upgrade


I am a bit confused by what is needed for the pending Paypal SHA-256 upgrade coming end of this month.

What I am confused about is do we need to upgrade our software (e.g. eCommerce websites) or do we need to upgrade the server.

If its the server, then I wondered iof anyone knows how we test to see if we comply or not, because we often update all our servers, and some time ago I changes some SSL settings to be PCI compliant. So I would like to test to see if we already comply with this.

If its a software issue, I need to contact the developers of all the software we use (e.g. Zencart, Joomla, Expression Engine, Craft, Cartthrob, BrilliantRetail, Wordpress, WooCommerce, and more!).



What they’re suggesting is to make sure that you’re SSL certificate is generated using SHA-256. That’s the default for all SSL certificates in Virtualmin now.

You can run a command like this to test which algorithm you’re using:

openssl s_client -connect domain.tld:443 < /dev/null 2>/dev/null | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"

Ah OK. Thanks for that, will test all sites now.