Paypal SHA-256 Upgrade

amityweb · September 18, 2015, 1:56pm

Hi

I am a bit confused by what is needed for the pending Paypal SHA-256 upgrade coming end of this month.
See https://www.paypal-knowledge.com/infocenter/index?page=content&id=FAQ1766&expand=true&locale=en_US.

What I am confused about is do we need to upgrade our software (e.g. eCommerce websites) or do we need to upgrade the server.

If its the server, then I wondered iof anyone knows how we test to see if we comply or not, because we often update all our servers, and some time ago I changes some SSL settings to be PCI compliant. So I would like to test to see if we already comply with this.

If its a software issue, I need to contact the developers of all the software we use (e.g. Zencart, Joomla, Expression Engine, Craft, Cartthrob, BrilliantRetail, Wordpress, WooCommerce, and more!).

Thanks

Eric · September 18, 2015, 2:17pm

Howdy,

What they’re suggesting is to make sure that you’re SSL certificate is generated using SHA-256. That’s the default for all SSL certificates in Virtualmin now.

You can run a command like this to test which algorithm you’re using:

openssl s_client -connect domain.tld:443 < /dev/null 2>/dev/null | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"

amityweb · September 21, 2015, 8:43am

Ah OK. Thanks for that, will test all sites now.